All about Windows: Windows boot time is long! Windows 7 Help with all Windows operating systems: Windows XP, Windows Vista, Windows 7, Windows 8(.1) and Windows 10 / Windows 11, as well as all Windows software. Anything about Windows 10 is also welcome. Please describe any errors or bluescreens under Windows with the exact wording of the error message and the error code. First steps for getting help with Windows. |
10.11.2014, 00:00 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows boot time is long! [solved] FRST on the desktop, Fixlist on the desktop - the file name must be spelled correctly
__________________ Please always post logfiles in CODE tags |
10.11.2014, 00:05 | #17 |
| Windows boot time is long! [solved] OK, got it:
__________________Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01 Ran by NABIL at 2014-11-10 00:02:06 Run:1 Running from C:\FRST Loaded Profile: NABIL (Available profiles: NABIL & Gast) Boot Mode: Normal ============================================== Content of fixlist: ***************** CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ProxyServer: http=127.0.0.1:49245;https=127.0.0.1:49245 HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff [Not Found] CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV= CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV=" CHR DefaultSearchKeyword: Default -> trovi.search CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SAT=CNTS CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms} C:\Users\NABIL\Downloads\p95v285.win64.zip C:\Users\NABIL\Downloads\The.Sims.4.Update.3.and.Crack.v7.rar C:\Users\NABIL\AppData\Roaming\0F1L1I1P0H1L1E1E1F C:\Users\NABIL\Downloads\DTLite4491-0356_inst.exe C:\Windows\Tasks\GOO.job 
C:\Users\NABIL\AppData\Roaming\GOO.exe Task: {0F82604F-B3D0-4C4E-B5FE-7D703CE1EC22} - \GOO No Task File <==== ATTENTIONTask: {238610D6-9699-44BC-A5B0-E5679E67D1A0} - \EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION Task: {341F501E-48C2-4514-9DA5-881E88F866FF} - \EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION Task: {4624FBD3-1D5F-4E4A-8396-CB978A1BD656} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon No Task File <==== ATTENTION Task: {5AD867B7-969A-4C8E-838F-142BDF03A379} - \{B35262DE-0950-4BEA-9A58-BE682D815EEE} No Task File <==== ATTENTION Task: {5D4784AA-3D2A-47D1-AA9E-FA412CD8B09C} - \{3A70AE66-2161-45F1-BC81-E4451C4BF737} No Task File <==== ATTENTION Task: {7736A164-4121-4B69-B310-4F3CDF31E690} - \{F61289EF-9E48-408A-9F0F-A38888488027} No Task File <==== ATTENTION Task: {77C747D9-C6AA-4A9E-A75D-25ACB3C35BF7} - \{ED28B8C6-213A-407F-A2A3-4DA0C0FE19D2} No Task File <==== ATTENTION Task: {948479EC-5D12-420E-BF1B-55B1953E3A14} - \Adobe Flash Player Updater No Task File <==== ATTENTION Task: {AAA14B36-E703-45C3-A4C9-2E289BD112BC} - \{2E26820B-A83B-49A3-ADCC-EA6C07463424} No Task File <==== ATTENTION Task: {C73C890A-65BB-4592-9041-E69B1F9BC14A} - \Adobe-Online-Aktualisierungsprogramm No Task File <==== ATTENTION Task: {D51162AA-E1CD-4B81-8553-8DBAB2655E92} - \{38EEE14A-0C6A-49CC-A422-EC4827DFABC8} No Task File <==== ATTENTION Task: {E468E327-3D33-44C1-B90F-CD9AC9587272} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 No Task File <==== ATTENTION Task: C:\Windows\Tasks\GOO.job => C:\Users\NABIL\AppData\Roaming\GOO.exe <==== ATTENTION EmptyTemp: Hosts: ***************** "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. 
"HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff not found. C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff not found. Chrome HomePage deleted successfully. Chrome StartupUrls deleted successfully. Chrome DefaultSearchKeyword deleted successfully. CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SAT=CNTS => Error: No automatic fix found for this entry. Chrome DefaultSuggestURL deleted successfully. C:\Users\NABIL\Downloads\p95v285.win64.zip => Moved successfully. C:\Users\NABIL\Downloads\The.Sims.4.Update.3.and.Crack.v7.rar => Moved successfully. C:\Users\NABIL\AppData\Roaming\0F1L1I1P0H1L1E1E1F => Moved successfully. C:\Users\NABIL\Downloads\DTLite4491-0356_inst.exe => Moved successfully. C:\Windows\Tasks\GOO.job => Moved successfully. C:\Users\NABIL\AppData\Roaming\GOO.exe => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F82604F-B3D0-4C4E-B5FE-7D703CE1EC22}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F82604F-B3D0-4C4E-B5FE-7D703CE1EC22}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GOO No Task File <==== ATTENTIONTask: {238610D6-9699-44BC-A5B0-E5679E67D1A0} - \EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}" => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{341F501E-48C2-4514-9DA5-881E88F866FF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{341F501E-48C2-4514-9DA5-881E88F866FF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4624FBD3-1D5F-4E4A-8396-CB978A1BD656}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4624FBD3-1D5F-4E4A-8396-CB978A1BD656}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AD867B7-969A-4C8E-838F-142BDF03A379}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD867B7-969A-4C8E-838F-142BDF03A379}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B35262DE-0950-4BEA-9A58-BE682D815EEE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D4784AA-3D2A-47D1-AA9E-FA412CD8B09C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D4784AA-3D2A-47D1-AA9E-FA412CD8B09C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A70AE66-2161-45F1-BC81-E4451C4BF737}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7736A164-4121-4B69-B310-4F3CDF31E690}" => Key deleted successfully. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7736A164-4121-4B69-B310-4F3CDF31E690}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F61289EF-9E48-408A-9F0F-A38888488027}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77C747D9-C6AA-4A9E-A75D-25ACB3C35BF7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77C747D9-C6AA-4A9E-A75D-25ACB3C35BF7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED28B8C6-213A-407F-A2A3-4DA0C0FE19D2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{948479EC-5D12-420E-BF1B-55B1953E3A14}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{948479EC-5D12-420E-BF1B-55B1953E3A14}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAA14B36-E703-45C3-A4C9-2E289BD112BC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAA14B36-E703-45C3-A4C9-2E289BD112BC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2E26820B-A83B-49A3-ADCC-EA6C07463424}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C73C890A-65BB-4592-9041-E69B1F9BC14A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C73C890A-65BB-4592-9041-E69B1F9BC14A}" => Key deleted successfully. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe-Online-Aktualisierungsprogramm" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D51162AA-E1CD-4B81-8553-8DBAB2655E92}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D51162AA-E1CD-4B81-8553-8DBAB2655E92}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{38EEE14A-0C6A-49CC-A422-EC4827DFABC8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E468E327-3D33-44C1-B90F-CD9AC9587272}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E468E327-3D33-44C1-B90F-CD9AC9587272}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => Key deleted successfully. C:\Windows\Tasks\GOO.job not found. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. EmptyTemp: => Removed 552.9 MB temporary data. The system needed a reboot. ==== End of Fixlog ==== |
10.11.2014, 13:41 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows boot time is long! [solved] Then show me fresh FRST logs. Tick the box for addition.txt, then click Scan.
__________________ |
10.11.2014, 19:41 | #19 |
| Windows boot time is long! [solved] So here is the log file: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 Ran by NABIL (administrator) on NABIL-PC on 10-11-2014 19:40:11 Running from C:\Users\NABIL\Downloads\FRST-OlderVersion Loaded Profile: NABIL (Available profiles: NABIL & Gast) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Windows\SysWOW64\ASGT.exe () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE (ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILEE.EXE (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4873248 2014-10-13] (Emsisoft GmbH) HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:576a9e96 /wow /dir:C:\Program ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220 FireFox: ======== FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release6352.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha206.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-16] FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff [Not Found] Chrome: ======= CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-25] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29] CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05] CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05] CHR Extension: (AdBlock) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-25] CHR Extension: (Google Wallet) - 
C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-25] CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05] CHR HKLM-x32\...\Chrome\Extension: [dabiojiiidaepijppfchfinldmhhfhok] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ch\RichMediaViewV1release6352.crx [] CHR HKLM-x32\...\Chrome\Extension: [oacphlebognfhmpckkjjgpnlddonanpe] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ch\TrustMediaViewerV1alpha206.crx [] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-13] (Emsisoft GmbH) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] () S3 iumsvc; C:\Program Files 
(x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-12] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-30] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] () R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.) 
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-05-24] () S1 BdfNdisf; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 ISCT; system32\DRIVERS\ISCTD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-10 19:40 - 2014-11-10 19:40 - 00000000 ____D () C:\FRST 2014-11-09 23:52 - 2014-11-10 19:40 - 00000000 ____D () C:\Users\NABIL\Downloads\FRST-OlderVersion 2014-11-09 17:38 - 2014-11-09 17:38 - 00001289 _____ () C:\Users\NABIL\Desktop\JRT.txt 2014-11-09 17:35 - 2014-11-09 17:35 - 01706808 _____ (Thisisu) C:\Users\NABIL\Downloads\JRT.exe 2014-11-09 17:35 - 2014-11-09 17:35 - 00000000 ____D () C:\Windows\ERUNT 2014-11-09 17:14 - 2014-11-09 17:15 - 00000000 ____D () C:\AdwCleaner 2014-11-09 17:08 - 2014-11-09 17:08 - 02145792 _____ () C:\Users\NABIL\Desktop\AdwCleaner_4.100.exe 2014-11-09 16:56 - 2014-11-09 16:56 - 00036668 _____ () C:\ComboFix.txt 2014-11-09 16:50 - 2014-11-09 16:50 - 00001459 _____ () C:\Users\NABIL\Desktop\ComboFix.exe - Verknüpfung.lnk 2014-11-09 16:49 - 2014-11-09 16:49 - 05593358 ____R (Swearware) C:\Users\NABIL\Desktop\ComboFix.exe 2014-11-09 16:42 - 2014-11-09 16:56 - 00000000 ____D () C:\Qoobox 2014-11-09 16:42 - 2014-11-09 16:55 - 00000000 ____D () C:\Windows\erdnt 2014-11-09 16:42 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-09 16:42 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-09 16:42 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-09 16:42 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-09 16:42 - 2000-08-31 01:00 - 00406528 _____ 
(SteelWerX) C:\Windows\SWSC.exe 2014-11-09 16:42 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-09 16:42 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-09 16:42 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-09 14:58 - 2014-11-09 17:46 - 00046016 _____ () C:\Users\NABIL\Desktop\Fixlist.txt 2014-11-09 14:58 - 2014-11-09 17:46 - 00028300 _____ () C:\Users\NABIL\Downloads\Addition.txt 2014-11-09 14:57 - 2014-11-10 00:02 - 00000000 ____D () C:\Users\NABIL\Desktop\FRST 2014-11-08 05:13 - 2014-11-08 05:13 - 00001704 _____ () C:\EamClean.log 2014-11-08 04:40 - 2014-11-08 04:40 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-11-08 03:57 - 2014-11-10 19:38 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-11-08 03:57 - 2014-11-08 03:57 - 00001091 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-11-08 03:57 - 2014-11-08 03:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2014-11-08 03:54 - 2014-11-08 03:54 - 161707240 _____ (Emsisoft GmbH ) C:\Users\NABIL\Downloads\EmsisoftAntiMalwareSetup.exe 2014-11-04 23:24 - 2014-11-04 23:24 - 10255080 _____ (Lavalys, Inc. 
) C:\Users\NABIL\Downloads\everestultimate550.exe 2014-11-04 23:24 - 2014-11-04 23:24 - 00001122 _____ () C:\Users\NABIL\Desktop\EVEREST Ultimate Edition.lnk 2014-11-01 22:48 - 2014-11-01 22:48 - 00000000 ____D () C:\Users\NABIL\Desktop\Shaders 2014-11-01 22:47 - 2014-11-09 17:16 - 00324592 _____ () C:\Windows\PFRO.log 2014-11-01 22:10 - 2014-11-01 22:10 - 00002136 _____ () C:\Users\NABIL\Desktop\Bully.lnk 2014-11-01 21:50 - 2014-11-01 21:52 - 00000000 ____D () C:\Users\NABIL\Documents\Bully Scholarship Edition 2014-11-01 21:40 - 2014-11-01 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2014-11-01 21:33 - 2014-11-01 21:34 - 00017513 _____ () C:\Windows\DirectX.log 2014-10-27 15:08 - 2014-10-27 15:09 - 00043928 _____ () C:\Users\NABIL\AppData\Roaming\test.jar 2014-10-26 00:00 - 2014-11-10 18:55 - 00297973 _____ () C:\Windows\setupact.log 2014-10-26 00:00 - 2014-10-26 00:00 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-22 04:32 - 2014-10-22 04:32 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-22 04:32 - 2014-10-22 04:32 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-20 13:34 - 2014-11-08 05:13 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-10-20 13:34 - 2014-10-20 13:34 - 130462856 _____ (AVAST Software) C:\Users\NABIL\Downloads\avast_free_antivirus_setup-rc2.exe 2014-10-20 13:26 - 2014-10-20 13:26 - 00000000 ____D () C:\Windows\pss 2014-10-20 13:25 - 2014-10-20 13:25 - 00092484 _____ () C:\Users\NABIL\Documents\cc_20141020_142507.reg 2014-10-20 13:23 - 2014-10-20 13:23 - 03836936 _____ (Piriform Ltd) C:\Users\NABIL\Downloads\ccsetup418_slim.exe 2014-10-16 00:12 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-16 00:12 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-16 00:12 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) 
C:\Windows\system32\win32k.sys 2014-10-16 00:12 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-16 00:12 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-16 00:12 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-16 00:12 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-16 00:12 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-16 00:12 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-16 00:12 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-16 00:12 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-16 00:12 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-16 00:12 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-16 00:12 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-16 00:12 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-16 00:12 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-16 00:12 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-16 00:12 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-16 00:12 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-16 00:12 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-16 00:12 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) 
C:\Windows\system32\jsproxy.dll 2014-10-16 00:12 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-16 00:12 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-16 00:12 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-16 00:12 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-16 00:12 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-16 00:12 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-16 00:12 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-16 00:12 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-16 00:12 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-16 00:12 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-16 00:12 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-16 00:12 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-16 00:12 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-16 00:12 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-16 00:12 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 00:12 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-16 00:12 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 00:12 - 2014-09-19 01:55 - 02187264 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 00:12 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 00:12 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-16 00:12 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 00:12 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 00:12 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-16 00:12 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 00:12 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-16 00:12 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-16 00:12 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-16 00:12 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 00:12 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-16 00:12 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-16 00:12 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-16 00:12 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 00:12 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 00:12 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-16 00:12 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-16 00:12 - 2014-09-19 00:52 - 00678400 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-16 00:12 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 00:12 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-16 00:12 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 00:12 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 00:12 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-16 00:12 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 00:12 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-16 00:12 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-16 00:12 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 00:12 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-16 00:12 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 00:11 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 00:11 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 00:11 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 00:11 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 00:11 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 00:11 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 00:11 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) 
C:\Windows\system32\winsta.dll 2014-10-16 00:11 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 00:11 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 00:11 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 00:11 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 00:11 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 00:11 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 00:11 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 00:11 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-12 17:36 - 2014-10-21 02:28 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Win Update 2014-10-12 11:57 - 2014-10-12 11:57 - 00000000 ____D () C:\Users\NABIL\Documents\CAPCOM 2014-10-12 11:55 - 2014-10-12 11:55 - 00000599 _____ () C:\Users\Public\Desktop\Ultra Street Fighter IV.lnk 2014-10-12 11:55 - 2014-10-12 11:55 - 00000599 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Street Fighter IV.lnk 2014-10-12 11:50 - 2014-10-12 11:50 - 00001950 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2014-10-12 11:49 - 2014-10-12 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2014-10-12 11:49 - 2014-10-12 11:49 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-10-12 11:49 - 2014-10-12 11:49 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Panda Security 2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\ProgramData\Panda Security 2014-10-12 11:48 - 
2014-10-12 11:50 - 00000000 ____D () C:\Program Files (x86)\Panda Security 2014-10-12 11:08 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2014-10-11 22:28 - 2014-11-09 17:31 - 00001354 _____ () C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-10-11 21:28 - 2012-12-10 15:21 - 00163376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2014-10-11 21:28 - 2012-11-26 10:10 - 00221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx 2014-10-11 21:28 - 2012-07-06 19:03 - 00617816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx 2014-10-11 21:28 - 2012-05-02 10:17 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx 2014-10-11 21:28 - 2011-01-12 12:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71deu.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ita.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71fra.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71esp.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71enu.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71kor.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71jpn.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71cht.dll 2014-10-11 21:28 - 2011-01-12 12:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71chs.dll 2014-10-11 21:28 - 2011-01-12 12:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2014-10-11 21:28 - 2011-01-12 11:53 - 00090112 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll 2014-10-11 21:28 - 2010-02-16 13:22 - 00659264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00443488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshflxgd.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00415552 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00278352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00258880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00252240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00222528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00218432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00215880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00178512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00170080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll 2014-10-11 21:28 - 2010-02-16 13:22 - 00126800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00119616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00107840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll 2014-10-11 21:28 - 2010-02-16 13:22 - 00100160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx 2014-10-11 21:28 - 2010-02-16 13:22 - 00080208 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\sysinfo.ocx 2014-10-11 21:28 - 2007-02-01 21:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2014-10-11 21:28 - 2007-02-01 18:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2014-10-11 21:28 - 2007-01-30 21:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2014-10-11 21:28 - 2006-08-25 23:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll 2014-10-11 21:28 - 2006-08-25 23:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll 2014-10-11 21:28 - 2006-08-25 23:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll 2014-10-11 21:28 - 2006-08-25 22:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll 2014-10-11 21:28 - 2006-04-10 12:41 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl32.ocx 2014-10-11 21:28 - 2005-01-20 18:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll 2014-10-11 21:28 - 2002-01-05 04:40 - 00487424 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msvcp70.dll 2014-10-11 21:28 - 2001-08-22 23:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll 2014-10-11 21:28 - 1996-01-12 02:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll 2014-10-11 21:28 - 1993-07-23 18:31 - 00210944 _____ () C:\Windows\SysWOW64\msvcrt10.dll 2014-10-11 21:24 - 2014-10-11 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default) ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-10 19:38 - 2013-10-25 17:03 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-10 19:37 - 2013-10-25 17:03 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-10 19:26 - 2014-05-21 12:26 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job 2014-11-10 19:02 - 2009-07-14 05:45 - 00038848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-10 19:02 - 2009-07-14 05:45 - 00038848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-10 18:59 - 2010-11-21 07:50 - 00700130 _____ () C:\Windows\system32\perfh007.dat 2014-11-10 18:59 - 2010-11-21 07:50 - 00149768 _____ () C:\Windows\system32\perfc007.dat 2014-11-10 18:59 - 2009-07-14 06:13 - 01622706 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-10 18:58 - 2014-03-05 20:00 - 01412959 _____ () C:\Windows\WindowsUpdate.log 2014-11-10 18:55 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-10 00:02 - 2014-05-21 12:26 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job 2014-11-10 00:02 - 2013-10-19 02:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-09 17:15 - 2014-03-05 
20:04 - 00000995 _____ () C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-09 17:15 - 2013-10-25 17:03 - 00001278 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-09 17:15 - 2013-10-25 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-09 16:56 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-11-09 16:55 - 2009-07-14 03:34 - 92012544 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-11-09 16:55 - 2009-07-14 03:34 - 21495808 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-11-09 16:55 - 2009-07-14 03:34 - 04980736 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-11-09 16:55 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\SAM.bak 2014-11-09 16:55 - 2009-07-14 03:34 - 00024576 _____ () C:\Windows\system32\config\SECURITY.bak 2014-11-09 16:55 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-11-09 16:54 - 2013-11-06 20:41 - 00000000 ____D () C:\Program Files (x86)\PSupport 2014-11-09 16:54 - 2009-07-14 03:34 - 44040192 _____ () C:\Windows\system32\config\COMPONENTS.bak 2014-11-09 16:50 - 2009-07-14 06:08 - 00024066 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-08 05:10 - 2014-07-07 14:26 - 00000000 ____D () C:\Program Files (x86)\Valiant Hearts The Great War 2014-11-08 03:53 - 2014-05-07 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-11-04 23:24 - 2013-11-19 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2014-11-04 23:24 - 2013-11-19 14:50 - 00000000 ____D () C:\Program Files (x86)\Lavalys 2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-04 02:30 - 2013-10-25 15:49 - 00000000 ____D () C:\Users\NABIL\AppData\Local\Microsoft Help 2014-11-02 15:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-01 21:51 - 2014-03-19 16:30 - 00000000 ____D () 
C:\Users\NABIL\AppData\Local\JDownloader 2.0 2014-11-01 21:50 - 2013-10-05 03:21 - 00000000 ____D () C:\Users\NABIL\AppData\Local\VirtualStore 2014-11-01 21:40 - 2013-10-05 02:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-01 21:35 - 2014-07-07 14:09 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-11-01 21:32 - 2013-10-05 03:37 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\DAEMON Tools Lite 2014-11-01 21:31 - 2014-05-28 00:57 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Raptr 2014-10-31 03:17 - 2013-10-19 23:37 - 00130925 _____ () C:\Users\NABIL\Documents\TombRaider.log 2014-10-31 01:45 - 2014-06-17 22:16 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-10-23 18:26 - 2014-06-22 17:34 - 00000000 ____D () C:\Users\NABIL\AppData\Local\Nero 2014-10-23 18:23 - 2013-11-19 23:50 - 00000000 ____D () C:\ProgramData\Origin 2014-10-20 13:24 - 2014-05-23 16:33 - 00000000 ____D () C:\Windows\Minidump 2014-10-20 13:24 - 2014-03-05 19:52 - 00000000 ____D () C:\Windows\Panther 2014-10-20 13:24 - 2013-10-05 17:20 - 00000000 ____D () C:\Users\NABIL\AppData\Local\CrashDumps 2014-10-20 09:33 - 2013-11-19 23:50 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-10-20 02:00 - 2013-10-25 15:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-10-20 02:00 - 2013-10-25 15:49 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-16 09:52 - 2014-03-05 20:04 - 00111520 _____ () C:\Users\NABIL\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-16 03:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-10-16 02:22 - 2009-07-14 05:45 - 00433376 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 02:06 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2014-10-16 02:02 - 2013-10-05 02:58 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 02:00 - 2014-03-05 21:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-12 19:17 
- 2013-10-08 20:23 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\vlc
2014-10-12 18:05 - 2014-08-18 01:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-12 17:46 - 2013-11-12 21:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-12 17:45 - 2014-03-17 04:41 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-10-12 10:23 - 2014-08-18 01:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-05 00:26

==================== End Of Log ============================

and the Addition file:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 Ran by NABIL at 2014-11-10 19:40:28 Running from C:\Users\NABIL\Downloads\FRST-OlderVersion Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Emsisoft Anti-Malware (Disabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Disabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version: - ) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.) 
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation) Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com) Bully Scholarship Edition (HKLM-x32\...\InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}) (Version: 1.00.0154 - Ihr Firmenname) Bully Scholarship Edition (x32 Version: 1.00.0154 - Ihr Firmenname) Hidden Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DAEMON Tools Packages (HKCU\...\DAEMON Tools Packages) (Version: - ) <==== ATTENTION Druckerdeinstallation für EPSON XP-412 413 415 Series (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH) Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Audio Converter version 5.0.43.605 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.43.605 - DVDVideoSoft Ltd.) 
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Harry Potter und der Orden des Phönix™ (HKLM-x32\...\{B69F28DF-CBB1-41B7-008A-210E4D0518FC}) (Version: - ) HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation) Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) L.A. Noire The Complete Edition Version 1.3.2617 (HKLM-x32\...\L.A. Noire The Complete Edition_is1) (Version: 1.3.2617 - Rockstar Games) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) 
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 
(HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Murdered: Soul Suspect (HKLM-x32\...\{98B68ADF-BED8-4F73-AA8A-B0236D547574}_is1) (Version: 1.0 - Eidos Interactive) mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version: - 
mystartsearch) <==== ATTENTION
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version: - )
Naruto Shippuden Ultimate Ninja Storm Revolution (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version: - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version: - )
SAMSUNG Android USB Modem Software (HKLM\...\SAMSUNG Android USB Modem) (Version: V5.28.2.1 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SmartSaver+ 15 (HKLM-x32\...\SmartSaver+ 15) (Version: 1.35.9.29 - smart-saverplus) <==== ATTENTION
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
The SIMS 4 Deluxe Edition, версия 1.0 (HKLM-x32\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version: - )
Tony Hawk's Pro Skater 2 (HKLM-x32\...\Activision_THPS2UninstallKey) (Version: - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Yahoo Community Smartbar Engine (HKCU\...\{5eb5b6cd-f37b-4d75-9f81-cf74e506c74e}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================
09-11-2014 15:51:15 ComboFix created restore point

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-11-10 00:02 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {238610D6-9699-44BC-A5B0-E5679E67D1A0} - \EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION
Task: {27B49083-4E57-43A3-8339-DF6843AB4125} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {B6FB57AF-5104-4E12-9FD5-88D761B2AED5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DBCCFDB7-E380-42A4-82BA-B20BC69765B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 16:27 - 2012-09-11 16:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2014-11-08 03:57 - 2014-10-06 17:43 - 00775400 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
2013-10-05 02:02 - 2013-03-12 12:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\NABIL\Downloads\ac3filter_2_6_0b.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\AW Bewerbung.eml:OECustomProperty
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\FreeYouTubeToMP3Converter (2).exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\OriginThinSetup.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\SoftonicDownloader_fuer_ac3filter.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe:BDU

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

========================= Accounts: ==========================
Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: BitDefender Firewall NDIS 6 Filter Driver
Description: BitDefender Firewall NDIS 6 Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BdfNdisf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2014 06:57:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 06:55:34 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver

Error: (11/10/2014 00:12:32 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/10/2014 00:04:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 00:02:31 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver

System errors:
=============
Error: (11/10/2014 06:55:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: BdfNdisf

Error: (11/10/2014 00:02:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: BdfNdisf

Microsoft Office Sessions:
=========================
Error: (11/10/2014 06:57:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 06:55:34 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver

Error: (11/10/2014 00:12:32 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/10/2014 00:04:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 00:02:31 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver

CodeIntegrity Errors:
===================================
Date: 2014-11-09 16:54:16.419
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-11-09 16:54:16.387
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-11-19 14:50:13.492
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\NABIL\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-11-19 14:50:13.476
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\NABIL\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-11-19 14:50:13.433
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-11-19 14:50:13.417
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 24%
Total physical RAM: 8111.47 MB
Available physical RAM: 6152.39 MB
Total Pagefile: 16221.12 MB
Available Pagefile: 14043.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:5.32 GB) NTFS
Drive d: (PC Receiver) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
Drive f: (MULTIBOOT) (Removable) (Total:1.86 GB) (Free:1.07 GB) FAT32
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:964.72 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: B0BCD68E)
No partition Table on disk 2.

==================== End Of Log ============================ |
11.11.2014, 00:25 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows boot time is long! [solved] Okay, then control scans with MBAM and ESET, please: Please download Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Please always post log files in CODE tags |
11.11.2014, 02:48 | #21 |
| Windows boot time is long! [solved] Malware: Code:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/11/11 01:38:48 +0100</date>
<logfile>mbam-log-2014-11-11 (01-38-47).xml</logfile>
<isadmin>no</isadmin>
</header>
<engine>
<version>2.00.3.1025</version>
<malware-database>v2014.11.10.10</malware-database>
<rootkit-database>v2014.11.10.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>NABIL</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>376318</objects>
<time>227</time>
<processes>0</processes>
<modules>0</modules>
<keys>9</keys>
<values>3</values>
<datas>4</datas>
<folders>0</folders>
<files>11</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}</path><vendor>PUP.Optional.ShoppingChip</vendor><action>success</action><hash>a18151e9d5a7f64027689d1bd52dfe02</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}</path><vendor>PUP.Optional.SearchProtect</vendor><action>success</action><hash>839ffa40bbc103337842fda811f30ff1</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}</path><vendor>PUP.Optional.SearchProtect</vendor><action>success</action><hash>3be77bbf760683b38138a00557ad58a8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release6352</path><vendor>PUP.Optional.RichMediaView.A</vendor><action>success</action><hash>ee34f7433547ea4c2ca498b93ac939c7</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SmartSaver+ 15</path><vendor>PUP.Optional.SmartSaver.A</vendor><action>success</action><hash>140ece6c2d4f320480f8d98cdd260af6</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SmartSaver+ 15-nv</path><vendor>PUP.Optional.SmartSaver.A</vendor><action>success</action><hash>6ab89b9fceaef145de9a0e573dc6c33d</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\TrustMediaViewerV1alpha206</path><vendor>PUP.Optional.TrustMediaViewer.A</vendor><action>success</action><hash>1d05ac8e0e6eaa8c8b6a57ef2ed51be5</hash></key>
<key><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 15</path><vendor>PUP.Optional.SmartSaver.A</vendor><action>success</action><hash>a28052e8ef8dde58076e4e17a45fa15f</hash></key>
<key><path>HKU\S-1-5-21-225648569-1694930765-1264359465-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 15</path><vendor>PUP.Optional.SmartSaver.A</vendor><action>success</action><hash>4dd551e9275590a65520a7be2dd6bd43</hash></key>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>ext@RichMediaViewV1release6352.net</valuename><vendor>PUP.Optional.RichMediaView.A</vendor><action>success</action><valuedata>C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff</valuedata><hash>061ce35792ea96a03798df722dd62cd4</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>ext@TrustMediaViewerV1alpha206.net</valuename><vendor>PUP.Optional.TrustMediaViewer.A</vendor><action>success</action><valuedata>C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff</valuedata><hash>73afed4d8af258de728412344cb7a25e</hash></value>
<value><path>HKU\S-1-5-21-225648569-1694930765-1264359465-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>DefaultScope</valuename><vendor>PUP.Optional.Snapdo.T</vendor><action>success</action><valuedata>{006ee092-9658-4fd6-bd8e-a21a348e59f5}</valuedata><hash>62c03bff413b74c2948c4bf9659e1ae6</hash></value>
<data><path>HKU\S-1-5-21-225648569-1694930765-1264359465-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Search Bar</valuename><vendor>PUP.Optional.SnapDo.A</vendor><action>replaced</action><valuedata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</valuedata><baddata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</baddata><gooddata>www.google.com</gooddata><hash>c35f8caecdaf62d46e9484b33cc955ab</hash></data>
<data><path>HKU\S-1-5-21-225648569-1694930765-1264359465-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH</path><valuename>Default_Search_URL</valuename><vendor>PUP.Optional.SnapDo.A</vendor><action>replaced</action><valuedata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</valuedata><baddata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</baddata><gooddata>www.google.com</gooddata><hash>061c92a8e29a46f0f70e6ec9a85de61a</hash></data>
<data><path>HKU\S-1-5-21-225648569-1694930765-1264359465-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH</path><valuename>SearchAssistant</valuename><vendor>PUP.Optional.SnapDo.A</vendor><action>replaced</action><valuedata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</valuedata><baddata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</baddata><gooddata>www.google.com</gooddata><hash>ef33a892df9ded493fc7ed4afc098b75</hash></data>
<data><path>HKU\S-1-5-21-225648569-1694930765-1264359465-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL</path><valuename>Default</valuename><vendor>PUP.Optional.SnapDo.A</vendor><action>replaced</action><valuedata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</valuedata><baddata>hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=61512a07-74f0-be6a-8691-4a4de1b276a8&searchtype=ds&q={searchTerms}&installDate=05/10/2013</baddata><gooddata>www.google.com</gooddata><hash>1111e3570b71a78f9c65d6613fc6c53b</hash></data>
<file><path>C:\Users\NABIL\Downloads\ac3filter_2_6_0b.exe</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>0a1861d975072115ce31eb028e73d42c</hash></file>
<file><path>C:\Users\NABIL\Downloads\SoftonicDownloader_fuer_nero-burning-rom.exe</path><vendor>PUP.Optional.Softonic.A</vendor><action>success</action><hash>c55dd7637efee94de2ebc1773bc6c937</hash></file>
<file><path>C:\Users\NABIL\Downloads\DTLite4471-0333.exe</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>968c1c1e3844ff37f4ace08836cf0df3</hash></file>
<file><path>C:\Users\NABIL\Downloads\flashplayerpro-setup (1).exe</path><vendor>PUP.Optional.BundleInstaller.A</vendor><action>success</action><hash>cc5626147903b97d3b2068e0986814ec</hash></file>
<file><path>C:\Users\NABIL\Downloads\flashplayerpro-setup.exe</path><vendor>PUP.Optional.BundleInstaller.A</vendor><action>success</action><hash>c26046f47dff69cdd68587c125db619f</hash></file>
<file><path>C:\Users\NABIL\Downloads\FLVPlayerSetup (1).exe</path><vendor>PUP.Optional.InstallCore</vendor><action>success</action><hash>b2708baf5d1f1224f0aafbf7749009f7</hash></file>
<file><path>C:\Users\NABIL\Downloads\FLVPlayerSetup.exe</path><vendor>PUP.Optional.InstallCore</vendor><action>success</action><hash>31f187b3abd1d3632c6eec068e76a55b</hash></file>
<file><path>C:\Users\NABIL\Downloads\GTA-5-CD-KEY_3.05.2.exe</path><vendor>PUP.Optional.OneInstaller</vendor><action>success</action><hash>52d076c47408f244ab73621f0ff21ae6</hash></file>
<file><path>C:\Users\NABIL\Downloads\Setup.exe</path><vendor>PUP.Optional.Freemium.A</vendor><action>success</action><hash>40e2ce6c5626e650305ad36cad5416ea</hash></file>
<file><path>C:\Users\NABIL\Downloads\SoftonicDownloader_fuer_ac3filter.exe</path><vendor>PUP.Optional.Softonic.A</vendor><action>success</action><hash>d052300a106c0b2beedf77c143be837d</hash></file>
<file><path>C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb</path><vendor>PUP.Optional.SearchProtect</vendor><action>success</action><hash>1b0763d7601ccb6be1dc7035c63e48b8</hash></file>
</items>
</mbam-log>
ESET: Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c61e3cf1e23ee64aa8eccdca73fef43b
# engine=21029
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-11 01:43:34
# local_time=2014-11-11 02:43:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 28995 167300064 0 0
# compatibility_mode_1='Emsisoft Anti-Malware'
# compatibility_mode=16642 16777213 100 100 7149 216912502 0 0
# scanned=201984
# found=42
# cleaned=0
# scan_time=3175
sh=65B1B3B6FA324779175F137BB589BF846F5F72C5 ft=1 fh=d87e9cab76457cee vn="Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\$WINDOWS.~Q\DATA\Windows\SysWOW64\config\systemprofile\AppData\Local\Temp\nsp24F0.tmp\Starter.exe"
sh=CC7EBD4BA7795FD75313069A1DC445B27F3914CE ft=1 fh=f16081f84df83856 vn="Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\$WINDOWS.~Q\DATA\Windows\SysWOW64\config\systemprofile\AppData\Local\Temp\nsp24F0.tmp\~nsa414B.tmp"
sh=FCE7690716A874C565611CDACCC01673147349B0 ft=1 fh=5c44dee634434d82 vn="Variante von MSIL/Adware.iBryte.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RocketTab\Client.exe.vir"
sh=A065922E48E274F827BC8A04091A44632D498373 ft=1 fh=f3684398a5f5cf1b vn="Win64/Conedex.I Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Google\Desktop\Install\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\9519~1\A535~1\E628~1\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\U\00000008.@.vir"
sh=44C239840FB295279C2078E9E9CB7081FA517D19 ft=1 fh=b75aaecba1cb0f99 vn="Variante von Win32/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\PSupport\uninstall.exe.vir"
sh=D2061EEDF3ED49FD9CD94F484D3BE848CD46227D ft=1 fh=033505e84f213bbf vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-2.exe.vir"
sh=709FB299B4A0A5BBA0072F5BB69D734E176D4B71 ft=1 fh=903404f51ed6679b vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-4.exe.vir"
sh=A2993D4A136D510B3AF838814D1CD66D56A47FC5 ft=1 fh=e4e4e3a13329c606 vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5.exe.vir"
sh=0803FC30F73CCC06041B60E57260A7FF40BC8770 ft=1 fh=0a2c388a9a9fa06c vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-6.exe.vir"
sh=2B7F75BEC530EEA3CD1C6321A421A9B6BD232D47 ft=1 fh=3d40e2856eb9e4f9 vn="Variante von Win64/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-64.exe.vir"
sh=4339361213DCFB23DC3CFEA40E22680B0EB55CC0 ft=1 fh=493651f7343d6bc6 vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-7.exe.vir"
sh=C8B2CEC60214481EA8CB863B918E5FEB056D25F5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65.crx.vir"
sh=306F316CB72EA012F084C650EE6EE3E395DD1727 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65.xpi.vir"
sh=C8B2CEC60214481EA8CB863B918E5FEB056D25F5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\0524d87e-15d1-4175-9d5d-8ff069da3fa1.crx.vir"
sh=660079CE9B154351F9F72F47A0EF80F63D906895 ft=1 fh=c8b4d5a58893dc9c vn="Variante von Win32/Toolbar.CrossRider.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\0524d87e-15d1-4175-9d5d-8ff069da3fa1.dll.vir"
sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\1293297481.mxaddon.vir"
sh=9685EAA3F8461BB78E66B5DE82821BEF92CA085A ft=1 fh=d8df130b7df81745 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\a78b6eae-0a2e-49bb-951f-7df820f906a1.dll.vir"
sh=D84525F80FE03B3899C008BB98470A4EAE11E807 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\d7f714fd-39c9-42c5-b936-c219f0405f7c.crx.vir"
sh=D81AEAD41699CADE10D283ACA0878917BCA47F16 ft=1 fh=fd2b15607023fea7 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bg.exe.vir"
sh=D2962C06A3EF79A1335348CCF9EF0275AF5D0D23 ft=1 fh=52714caa905c048c vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho.dll.vir"
sh=76408B9DD3B0F6EA1899BFF27CBAA6AD9857FD9F ft=1 fh=58961e204b569c1e vn="Variante von Win64/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho64.dll.vir"
sh=4339361213DCFB23DC3CFEA40E22680B0EB55CC0 ft=1 fh=493651f7343d6bc6 vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-codedownloader.exe.vir"
sh=4B826FEE9670FCC0F1B4E89984F4D4B5BB7610DE ft=1 fh=18d3e6619224514e vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\Uninstall.exe.vir"
sh=3899924EE3DB873BD76E70F0BB5341C6DFAB306A ft=1 fh=807a54f47accc1f7 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\utils.exe.vir"
sh=E71D9DFF9B46932CFC6CAC43F971E287FFC980FF ft=1 fh=05d79a305027283e vn="Win32/OneInstaller.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000000"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\AppData\Roaming\ICWGRTHR"
sh=451F074BC7E799D776DE015CEC5EDB882A26662C ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.E Trojaner" ac=I fn="C:\Users\NABIL\AppData\Roaming\test.jar"
sh=709FB299B4A0A5BBA0072F5BB69D734E176D4B71 ft=1 fh=903404f51ed6679b vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Desktop\FRST\Quarantine\C\Users\NABIL\AppData\Roaming\GOO.exe.xBAD"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Desktop\FRST\Quarantine\C\Users\NABIL\AppData\Roaming\0F1L1I1P0H1L1E1E1F\DAEMON Tools Packages\uninstaller.exe"
sh=433528CD5B672F511CF3FB0EF2C644C66457FC4E ft=1 fh=65bc555556b874df vn="Variante von Win32/InstallCore.RA evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Desktop\FRST\Quarantine\C\Users\NABIL\Downloads\DTLite4491-0356_inst.exe.xBAD"
sh=7D87C2D280BC6D8D0CD3FB69718F3EB3437BAB29 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="C:\Users\NABIL\Desktop\FRST\Quarantine\C\Users\NABIL\Downloads\The.Sims.4.Update.3.and.Crack.v7.rar.xBAD"
sh=9D3D1058E3881097DA025B2D7F8CC261482D7C1B ft=1 fh=7bd79b6823683bac vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\64bit_Win7_Win8_Win81_R274 - CHIP-Installer.exe"
sh=1CC7430534BA7E26DA02CA2B89A4E2E92DA881D1 ft=1 fh=b92bf5d4a3842d70 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe"
sh=DBEB502DC305CEDD6F20478D072C94182CC45D61 ft=1 fh=69c72753d01502df vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\FRAPS - CHIP-Downloader.exe"
sh=2AC3D348D60A2A52448743287468EB00B27F7AE1 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\Users\NABIL\Downloads\Keksonly.rar"
sh=7354F1E9CAF884F18FC243D0897051C21E912BFC ft=1 fh=323860dc43afa4b8 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Nero 2014 - CHIP-Installer.exe"
sh=ABE781247F8B6E3DB7C06AB6DB7C14C928850AEF ft=1 fh=3d023e5296609c9b vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\PDF XChange Viewer - CHIP-Installer.exe"
sh=10C4E2EFBD9AC903C6DE6B2FCAA1B2E74947EEEB ft=1 fh=d4ef9a40403b3a5e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe"
sh=84D10C5437EF79F11252841246EFD68C2704D77A ft=1 fh=d923723deb2048e6 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe"
sh=363F1AC0BF6514C3ACEC2A72692BC7B3480E25EE ft=1 fh=9840bf1f917718f4 vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe"
sh=4D6857A1CAE0FBC9CB9984D2D72A7401243BABA9 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="M:\Users\NABIL\Downloads\DS4DDEU3CV7-SE.part1.rar"
sh=D15635807CACFB8301DFB4E4D0BAB271818A6B0C ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="M:\Users\NABIL\Downloads\Sims_4_Crack.zip" |
11.11.2014, 11:42 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows takes a long time to boot! [solved] Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
C:\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\FRAPS - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\Keksonly.rar
C:\Users\NABIL\Downloads\Nero 2014 - CHIP-Installer.exe
C:\Users\NABIL\Downloads\PDF XChange Viewer - CHIP-Installer.exe
C:\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe
M:\Users\NABIL\Downloads\DS4DDEU3CV7-SE.part1.rar
M:\Users\NABIL\Downloads\Sims_4_Crack.zip
EmptyTemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
11.11.2014, 14:41 | #23 |
| Windows takes a long time to boot! [solved] Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by NABIL at 2014-11-11 14:38:59 Run:1
Running from C:\Users\NABIL\Desktop\FRST
Loaded Profile: NABIL (Available profiles: NABIL & Gast)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\FRAPS - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\Keksonly.rar
C:\Users\NABIL\Downloads\Nero 2014 - CHIP-Installer.exe
C:\Users\NABIL\Downloads\PDF XChange Viewer - CHIP-Installer.exe
C:\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe
C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe
M:\Users\NABIL\Downloads\DS4DDEU3CV7-SE.part1.rar
M:\Users\NABIL\Downloads\Sims_4_Crack.zip
EmptyTemp:
*****************
C:\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe => Moved successfully.
C:\Users\NABIL\Downloads\FRAPS - CHIP-Downloader.exe => Moved successfully.
C:\Users\NABIL\Downloads\Keksonly.rar => Moved successfully.
C:\Users\NABIL\Downloads\Nero 2014 - CHIP-Installer.exe => Moved successfully.
C:\Users\NABIL\Downloads\PDF XChange Viewer - CHIP-Installer.exe => Moved successfully.
C:\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe => Moved successfully.
C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe => Moved successfully.
C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe => Moved successfully.
M:\Users\NABIL\Downloads\DS4DDEU3CV7-SE.part1.rar => Moved successfully.
M:\Users\NABIL\Downloads\Sims_4_Crack.zip => Moved successfully.
EmptyTemp: => Removed 216.6 MB temporary data.
The system needed a reboot.
==== End of Fixlog ==== |
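The check a helper makes by eye on a Fixlog like the one above, written out as an added Python example (not part of the thread and not code from FRST): every line echoed under "Content of fixlist:" should have a matching result line, and every path should read "Moved successfully.". It assumes the Fixlog has one entry per line; `parse_fixlog`, `unresolved` and the sample text are names and data constructed here.

```python
import re

SUCCESS = "Moved successfully."        # success text as it appears in the Fixlog
PATH_RE = re.compile(r"^[A-Za-z]:\\")  # drive-letter path, e.g. C:\ or M:\
STARS = re.compile(r"^\*{5,}$")        # row of asterisks around the fixlist copy

# Constructed sample: three of the thread's paths, one entry per line. The
# missing WinZip result and the failure text are made up to exercise the check.
SAMPLE = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
==============================================
Content of fixlist:
*****************
C:\Users\NABIL\Downloads\Keksonly.rar
C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe
M:\Users\NABIL\Downloads\Sims_4_Crack.zip
EmptyTemp:
*****************
C:\Users\NABIL\Downloads\Keksonly.rar => Moved successfully.
M:\Users\NABIL\Downloads\Sims_4_Crack.zip => CONSTRUCTED FAILURE TEXT
EmptyTemp: => Removed 216.6 MB temporary data.
==== End of Fixlog ====
"""

def parse_fixlog(text):
    """Return (entries, results): the echoed fixlist and {target: result text}."""
    lines = [ln.strip() for ln in text.splitlines()]
    start = lines.index("Content of fixlist:")  # ValueError if not a Fixlog
    rows = [i for i, ln in enumerate(lines) if i > start and STARS.match(ln)]
    first, second = rows[:2]  # ValueError if the fixlist copy is not closed
    entries = [ln for ln in lines[first + 1:second] if ln]
    results = {}
    for ln in lines[second + 1:]:
        target, sep, outcome = ln.partition(" => ")
        if sep:
            results[target.strip()] = outcome.strip()
    return entries, results

def unresolved(text):
    """Entries with no result line, plus paths whose result is not a success."""
    entries, results = parse_fixlog(text)
    bad = []
    for entry in entries:
        outcome = results.get(entry)
        if outcome is None:
            bad.append((entry, "no result line"))
        elif PATH_RE.match(entry) and outcome != SUCCESS:
            bad.append((entry, outcome))
    return bad
```

An empty list from `unresolved` corresponds to the "looks OK" verdict; directives such as `EmptyTemp:` are only checked for having a result line, since their result text differs from that of a moved file.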
11.11.2014, 16:28 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows takes a long time to boot! [solved] Looks OK so far. Regarding cookies and other things on the web: to block this pest from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check with MVPS every 4 weeks to see whether a new hosts file has been released. This is only optional, though. To prevent user tracking, the Firefox extension Ghostery works well. Info: cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP-Cookie). Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller. But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or even Trojaner-Board), then simply set the browser to delete everything, including cookies, when the browser is closed. Is your system in order again now, or are there any other findings or problems?
11.11.2014, 17:50 | #25 |
| Windows takes a long time to boot! [solved] I really thank you from the bottom of my heart, my PC boots so fast again, woohoo. There is one more thing, I don't know whether I can get help with it here... My fan is very loud, I don't know where that comes from; it was quiet at first. It has no dust in it, I can't imagine what it could be.. |
11.11.2014, 21:31 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows takes a long time to boot! [solved] That is a topic for our hardware section => Netzwerk und Hardware - Trojaner-Board
Then we are done! If you would still like to leave praise or criticism => Lob, Kritik und Wünsche - Trojaner-Board
The programs that were used here can all be uninstalled. It is advisable to keep Malwarebytes Anti-Malware and use it to scan for malware weekly. delfix can help you with that: The order is crucial here.
Finally, please check the updates; my guide for this is below. To keep a better overview of how up to date your installed programs are in future, you can use e.g. Secunia PSI. For even more security, you should also change all passwords, if possible, after the infection has been removed.
Microsoft Update
Windows XP: Visit the MS update page with IE and have all important updates installed.
Windows Vista/7: Start, Control Panel, Windows Update
Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed) I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.
While you are at it, please also check that the Flash Player is up to date: Check => Adobe - Flash Player
Download links can be found here => Browsers and Plugins - FilePony.de
You can also easily check whether all plugins in the Firefox browser are up to date here => https://www.mozilla.org/de/plugincheck
Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a major security risk, so you should uninstall the old versions. To do so, close all programs (especially the browsers), then click Start, Control Panel, Software (or Programs and Features) and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.