Laptop/Rechner bootet und arbeitet langsam..

M-K-D-B · 11.09.2016, 09:04

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zitat:

Zitat von nabil21

leider sind öfters mein jüngerer Bruder und Schwager an dem Rechner und Laptop und wer weiss was die das machen....

Sowas wäre für mich ein "No-Go"...

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

nabil21 · 11.09.2016, 18:40

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von NABIL (Administrator) auf NABIL-PC (11-09-2016 19:37:11)
Gestartet von C:\Users\NABIL\Downloads
Geladene Profile: NABIL (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Windows\KMS-R@1n.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10_64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFCreate8\PdfCreate8Hook.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Valve Corporation) M:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2014-09-22] (ABBYY Production LLC.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [3021528 2014-11-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => "C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage Ultimate\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe [1109016 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe [189976 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-08-08] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-04-06]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-02-23]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{281f7690-3078-4910-b67d-7743d4eb2a9a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-225648569-1694930765-1264359465-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-30] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-03-18] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-225648569-1694930765-1264359465-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [nicht gefunden]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-01]

Chrome: 
=======
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-01]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fancjlijdfajbmighlldmgmeobfmempn [2015-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-19] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-27] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-08-08] (Gladinet, INC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [124168 2016-01-19] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-12-22] (Advanced Micro Devices)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-10] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [531424 2015-12-22] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-08] (REALiX(tm))
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-22] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-04-30] ()
U4 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:37 - 2016-09-11 19:37 - 00032527 _____ C:\Users\NABIL\Downloads\FRST.txt
2016-09-11 19:37 - 2016-09-11 19:37 - 00000000 ____D C:\FRST
2016-09-11 19:36 - 2016-09-11 19:36 - 02397696 _____ (Farbar) C:\Users\NABIL\Downloads\FRST64.exe
2016-09-04 20:53 - 2016-09-04 20:53 - 00005208 _____ C:\Users\NABIL\Downloads\relink.to__Rampage_2009_German_DTS_DL_1080p_BluRay_x264_-_SoW_158023ecdb764581577579d64a4c06.dlc
2016-09-04 20:19 - 2016-09-04 20:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-09-04 20:19 - 2016-08-26 09:18 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 24414760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 24323312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 17377488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 10534696 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06947183 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-09-04 20:19 - 2016-08-26 09:18 - 06374320 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05341352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05293064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-09-04 20:19 - 2016-08-26 09:18 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03134720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-09-04 20:19 - 2016-08-26 09:18 - 02825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02776224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02439048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01920820 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01607136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01186840 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01115144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01001800 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00864344 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00858200 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00854032 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00725944 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00571376 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00498648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00438696 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00372744 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00005604 _____ C:\WINDOWS\system32\cxapo.lncs
2016-09-04 20:19 - 2016-08-26 09:18 - 00000736 _____ C:\WINDOWS\system32\cxapo.prop
2016-09-04 20:13 - 2016-04-11 13:38 - 02838232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-09-04 20:04 - 2016-09-04 20:08 - 348623152 _____ C:\Users\NABIL\Downloads\7917_PG448_Win10_TH_RS_Win8.1_Win8_Win7_WHQL.zip
2016-09-04 20:03 - 2016-09-04 20:03 - 01474568 _____ C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
2016-09-04 20:02 - 2016-09-04 20:09 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\NABIL\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-08-21 20:23 - 2016-08-21 20:23 - 00000219 _____ C:\Users\NABIL\Desktop\Counter-Strike Global Offensive.url
2016-08-15 21:49 - 2016-08-15 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-14 20:54 - 2016-08-14 20:54 - 00110244 _____ C:\WINDOWS\Minidump\081416-17609-01.dmp
2016-08-14 17:29 - 2016-08-14 17:29 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-14 17:28 - 2016-09-04 20:20 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:36 - 2015-07-26 23:01 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\TS3Client
2016-09-11 19:32 - 2013-10-25 18:03 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 19:16 - 2013-10-19 03:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-11 18:42 - 2015-08-27 14:42 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 18:42 - 2015-08-27 14:42 - 00000725 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 18:40 - 2013-10-08 21:23 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\vlc
2016-09-11 12:32 - 2013-10-25 18:03 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 10:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-10 14:30 - 2016-02-23 01:50 - 00000000 ____D C:\Users\NABIL\AppData\Local\gladinet
2016-09-10 14:28 - 2014-04-17 17:43 - 00000000 ____D C:\ProgramData\TEMP
2016-09-10 14:27 - 2016-01-03 17:42 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\Skype
2016-09-10 14:10 - 2016-02-21 13:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 14:10 - 2014-03-19 17:30 - 00000000 ____D C:\Users\NABIL\AppData\Local\JDownloader 2.0
2016-09-09 14:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 20:38 - 2015-11-08 01:18 - 00003978 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1446938337
2016-09-08 20:38 - 2015-11-08 01:18 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-08 20:38 - 2015-11-08 01:18 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-08 02:29 - 2016-01-27 18:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-04 20:27 - 2016-04-30 07:23 - 02089750 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-04 20:27 - 2016-02-13 18:59 - 00889234 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-04 20:27 - 2016-02-13 18:59 - 00197816 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-04 20:27 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 20:23 - 2013-11-12 22:14 - 00000000 ____D C:\ProgramData\AMD
2016-09-04 20:22 - 2014-11-08 04:57 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-09-04 20:21 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-04 20:20 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-04 20:20 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-04 20:20 - 2013-10-05 03:00 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-09-04 20:19 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-09-04 19:59 - 2015-07-26 23:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-09-01 09:14 - 2016-06-17 22:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-01 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 03:00 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-31 16:00 - 2016-04-30 07:23 - 00000000 ____D C:\Users\NABIL
2016-08-24 14:11 - 2016-06-05 19:08 - 00000000 ____D C:\Users\NABIL\Desktop\absagen vom 05.06.16
2016-08-24 13:47 - 2013-11-06 21:41 - 00000000 ____D C:\Users\NABIL\AppData\Local\Packages
2016-08-24 00:26 - 2013-10-25 16:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-15 21:49 - 2015-11-10 09:46 - 00002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-15 21:49 - 2015-11-10 09:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-15 10:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-14 22:47 - 2013-10-07 15:17 - 00000000 ____D C:\Users\NABIL\AppData\Local\ElevatedDiagnostics
2016-08-14 20:54 - 2016-07-27 17:51 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-14 17:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-14 17:28 - 2016-04-30 07:22 - 00000000 ____D C:\Program Files\AMD
2016-08-14 17:28 - 2014-05-28 01:55 - 00000000 ____D C:\AMD
2016-08-12 01:07 - 2016-04-23 00:56 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-12 01:06 - 2016-04-23 00:56 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-03-01 04:43 - 2015-03-01 05:31 - 14848000 _____ () C:\Users\NABIL\AppData\Roaming\Sandra.mdb
2016-04-30 07:22 - 2016-04-30 07:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\asd\AppData\Local\Temp\proxy_vole2008580591415989544.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole5313419656434273934.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole6505369171543915562.dll
C:\Users\NABIL\AppData\Local\Temp\i4jdel0.exe
C:\Users\NABIL\AppData\Local\Temp\MSETUP4.EXE
C:\Users\NABIL\AppData\Local\Temp\proxy_vole5631846365696866387.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole571332217995924973.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole576922321117719755.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-09 20:18

==================== Ende von FRST.txt ============================

nabil21 · 11.09.2016, 18:41

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgefÃ¼hrt von NABIL (11-09-2016 19:37:51)
Gestartet von C:\Users\NABIL\Downloads
Windows 10 Pro Version 1511 (X64) (2016-04-30 05:33:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled) => C:\Users\asd
bazet (S-1-5-21-225648569-1694930765-1264359465-1008 - Administrator - Enabled) => C:\Users\bazet
DefaultAccount (S-1-5-21-225648569-1694930765-1264359465-503 - Limited - Disabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version:  - )
Assassin's Creed Unity Gold Edition MULTi2 1.0 (HKLM-x32\...\Assassin's Creed Unity Gold Edition MULTi2 1.0) (Version:  - )
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Batman: Arkham Cityâ„¢ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com)
Bully - Scholarship Edition (HKLM-x32\...\Bully - Scholarship Edition_is1) (Version:  - )
Call of Duty Black Ops III Version 1.0 (HKLM-x32\...\{322C0A98-947C-4EB4-A48B-C8C818B137C8}_is1) (Version: 1.0 - Activision Blizzard)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - â€*Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead or Alive 5 Last Round Version 1.02A u1 (HKLM-x32\...\{344CBB83-6CB8-4B68-ACC0-56C41F292D5B}_is1) (Version: 1.02A u1 - Koei Tecmo)
Deponia The Complete Journey MULTi2 3.3.0155 (HKLM-x32\...\Deponia The Complete Journey MULTi2 3.3.0155) (Version:  - )
Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220 (HKLM-x32\...\Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220) (Version:  - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Emily Wants To Play (HKLM-x32\...\Emily Wants To Play_is1) (Version:  - )
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Benutzerhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Useg) (Version:  - )
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-HandbÃ¼cher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Dailymotion Download (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.55.1127 - DVDVideoSoft Ltd.)
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HarryPotter und der Stein der Weisen (HKLM-x32\...\HarryPotter und der Stein der Weisen1.1) (Version: 1.1 - TheRaven1)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)
Life is Strange Complete First Season Version 1.0.0.371598 (HKLM-x32\...\{D5DF0D21-62C1-46E0-BD21-4E3DAE94DA32}_is1) (Version: 1.0.0.371598 - Square Enix)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Metal Gear Solid 5 The Phantom Pain MULTI8 1.005 (HKLM-x32\...\Metal Gear Solid 5 The Phantom Pain MULTI8 1.005) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools fÃ¼r Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version:  - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nuance Cloud Connector (HKLM-x32\...\{128FBB62-9750-4C08-ABF9-47D73D9A3918}) (Version: 3.2.1084 - Nuance Communications, Inc.)
Nuance OmniPage Ultimate (HKLM-x32\...\{17223DA4-6B76-439E-BD49-5940FAD8AE19}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM-x32\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 39.0.2256.71 (HKLM-x32\...\Opera 39.0.2256.71) (Version: 39.0.2256.71 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vÃ©rification linguistique 2013 de Microsoft OfficeÂ*- FranÃ§ais (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Runaway - A Road Adventure (HKLM-x32\...\GOGPACKRUNAWAY_is1) (Version: 2.0.0.3 - GOG.com)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0 (HKLM-x32\...\Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0) (Version:  - )
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SiSoftware Sandra Lite 2015.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.27.2015.2 - SiSoftware)
Skypeâ„¢ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.0 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Street Fighter V Deluxe Edition MULTi13 1.0 (HKLM-x32\...\Street Fighter V Deluxe Edition MULTi13 1.0) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Book of Unwritten Tales Collection Version 1.0 (HKLM-x32\...\{552EE0FA-C570-4283-9E79-358A95068DCA}_is1) (Version: 1.0 - Nordic Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Vocalizer (HKLM-x32\...\{7F267540-71F7-4FC0-A39D-DD0206142814}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.2.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.0 - Wondershare)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01955A10-3280-46FE-B295-16984CFF4AB3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0CE42A92-4C76-4FD1-83EE-B48021CBA13F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {163A17B5-F3DE-486E-9FD8-AE460A042434} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {1BDC3015-055B-4643-A612-B548F44B3168} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {1D6EAC2C-CCCC-48D3-A9B2-0BF073A859DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F55AC57-5BA5-4A77-8512-E48E7F663F7A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {1FA75676-E7D0-44FA-A6E4-D1CC7124E499} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {25E967C3-EA75-4CB8-9FCC-0AE64DE1D754} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {2776DC5D-B0AC-4588-AB90-45257F175B71} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {27B49083-4E57-43A3-8339-DF6843AB4125} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2F910DE1-C01D-4F91-9672-CA57A347D8A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {30EE4FCD-E88C-4FFB-B957-A3D82F648A03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {348F3260-4BAE-4743-A9D1-B023A55EE5E3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {37EEDB11-5C90-47E8-B40F-144D8F9FEA33} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {40FCA32E-2588-4671-A0E1-8E12C100365B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5113B6CC-4DE8-44AF-9599-C0219896EAB8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5B6CC23A-D5C6-4522-B4DF-D1F35D4DFA74} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {5EF0F301-E74A-461C-813D-D5298404EB44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7499461B-5DC4-4C2A-8990-F17947981EE7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {781B7E50-8B6D-4764-8AFA-46E8C7417708} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {78C2FD3D-5725-47D8-9751-10D343A2894F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7AF61DD3-4CD4-4508-97E1-778984972570} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {7ED06AB3-3419-4D6E-9C9D-0856A9156FF4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F34203D-7E5A-4698-9622-D093B9BBFA68} - System32\Tasks\{77584C26-73F5-4330-9F49-0396C6D171AE} => pcalua.exe -a C:\Users\NABIL\AppData\Roaming\key-find\UninstallManager.exe -c  -ptid=cvs
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8775F958-4DC9-4F38-82B3-381C6FF519B6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-30] (Adobe Systems Incorporated)
Task: {96771FD7-B11F-43D3-B439-011C2B276961} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {97432494-44EB-4E0E-BAB5-1A73A165C1FE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {9CD4DDF6-33D0-4174-A137-9A84D7B4B263} - System32\Tasks\Opera scheduled Autoupdate 1446938337 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-05] (Opera Software)
Task: {A49341F1-6E31-4579-A298-5EEC4CBCDC01} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {A7F242A1-2D4C-49E1-A99B-BA4F6A5EE323} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AC238CCC-371E-426B-9944-E423D0302CD1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B27D50C5-906A-4AD6-BE29-AAD1BD3EB5D7} - System32\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {B6FB57AF-5104-4E12-9FD5-88D761B2AED5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {CF27364E-6CD6-49E3-BE7A-BDBBAE6AAF2D} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {D27BE5C6-A5F6-4031-ABA9-429A3E82A67F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {D57EF4A8-1624-4244-814F-A2B2F632642C} - System32\Tasks\R@1n-KMS\Office15ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="b322da9c-a2e2-4058-9e4e-f59a6970bd69") call Activate]
Task: {DBCCFDB7-E380-42A4-82BA-B20BC69765B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F9DB0870-59E2-4373-90D5-AE97BB6D64C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {FCB0CF30-3917-45CE-AA1D-466F4D9E1D17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{00138945-9C65-4A60-B651-17E309D19196} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{92EF7091-E3AF-4879-84FE-EE26D1C3216F} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

Shortcut: C:\Users\NABIL\Desktop\Metal Gear Solid 5 The Phantom Pain TimeZone geÃ¤ndert.lnk -> M:\Program Files (x86)\Metal Gear Solid 5 The Phantom Pain\MGS TimeZone geÃ¤ndert.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-02-11 19:58 - 2016-02-11 19:58 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2012-09-11 17:27 - 2012-09-11 17:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-17 22:09 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-08-08 05:03 - 2013-08-08 05:03 - 00222544 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-12 23:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 23:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:55 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 23:54 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 23:54 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 23:54 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 23:54 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-25 17:48 - 2016-08-25 17:48 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-04-30 10:34 - 2016-04-30 10:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2014-02-28 11:14 - 2016-09-04 19:59 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2016-09-04 19:59 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2016-09-04 19:59 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2016-09-04 19:59 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:46 - 2016-09-04 19:59 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-02-11 19:58 - 2016-02-11 19:58 - 00004608 _____ () C:\WINDOWS\KMS-R@1nhook.exe
2016-02-11 19:58 - 2016-02-11 19:58 - 00003584 _____ () C:\WINDOWS\KMS-QADhook.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00293200 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00080208 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00016720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-11-08 01:54 - 2014-10-16 04:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-08-08 23:33 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 23:33 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-08 04:54 - 2013-08-08 04:54 - 00158032 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui_GER.dll
2013-08-08 04:57 - 2013-08-08 04:57 - 00252240 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSBr_nuance.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-06-17 23:16 - 2015-12-15 07:54 - 00782336 _____ () M:\Program Files (x86)\Steam\SDL2.dll
2015-03-01 23:03 - 2015-07-03 18:12 - 04962816 _____ () M:\Program Files (x86)\Steam\v8.dll
2014-06-17 23:16 - 2016-02-04 23:02 - 02546768 _____ () M:\Program Files (x86)\Steam\video.dll
2015-03-01 23:03 - 2015-07-03 18:12 - 01556992 _____ () M:\Program Files (x86)\Steam\icui18n.dll
2015-03-01 23:03 - 2015-07-03 18:12 - 01187840 _____ () M:\Program Files (x86)\Steam\icuuc.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 02549248 _____ () M:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00491008 _____ () M:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00332800 _____ () M:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00442880 _____ () M:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00485888 _____ () M:\Program Files (x86)\Steam\libswscale-3.dll
2014-06-17 23:16 - 2016-02-04 23:01 - 00802896 _____ () M:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-26 22:59 - 2015-12-30 03:51 - 00208896 _____ () M:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-06-17 23:16 - 2016-01-06 03:52 - 48387872 _____ () M:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-01 23:03 - 2015-09-25 01:56 - 00119208 _____ () M:\Program Files (x86)\Steam\winh264.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:A303874F [173]
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7863 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2009-07-14 04:34 - 2016-08-15 21:49 - 00000064 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NABIL\Desktop\burj_khalifa_tower_dubai-wide.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{47907086-4A48-41BC-873D-7E04F85AAB97}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{821FAD4C-70A5-4958-87EF-5DB5A596892B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{93C5A410-107B-4CCE-AE3C-6D100F2FDAC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{672A3998-93DA-4F64-A4E3-257C81B3E635}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{278F36E3-E5E5-496D-9967-86C892CB0535}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{61F0B3D8-6E05-4631-B607-765D7888E1B3}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{DFE35632-8DAB-41EB-AA84-01F9977553B9}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{C76F638A-9504-42D7-A763-B3F7C7C77A4D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{3FA6F97C-FD99-443D-B260-7E179B357C71}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{94D1B07C-EDAF-4C90-8CC3-5785A62BEC09}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{33FC0D78-00E7-4EE7-826F-357D76533C66}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{3191DBD4-99B4-4FA6-94B8-51273941163D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{188F0954-4EC3-4399-83F6-EE0BF23AE077}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{4C434557-268B-4506-8795-E89E79BDC932}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{022D5197-F34E-469E-AF46-4EBF7D76F20B}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{C19E7C2E-71DE-4E7D-9003-455B4F7AF125}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{8F0D9833-8AF0-4F46-ACA3-C18E8E68626D}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{B2DF9200-F7FB-4ACE-ADFE-93A335FFDED7}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{9132CCF3-4021-44E6-BB4F-750D84997DCE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C628337-5393-4F4D-8B3A-0FC8A0871292}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03C5A55C-FEDA-4462-B1A6-7A5125C08CD3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E126A09-ED1B-4853-9FD3-7F730C3A7720}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{654A073E-6ED1-4003-8F42-5F7EB86A0D98}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{C978A76E-96DC-413F-8615-462A2C9BBABF}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{B8231BBE-8C3E-434C-85CD-600F133918B2}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C1B67484-1EFA-4BCE-BF47-57706EF1AA68}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7EF7F052-A6A9-443E-9F38-54442346F206}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [TCP Query User{0D6A2E0E-9E9B-4A8E-822F-36F70C8168E0}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{EEAE159A-8B3C-4675-87AE-3BD636F1750A}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [TCP Query User{021BE0C6-E61D-4499-952C-FE8DB4E21874}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [{A32FAF58-1412-4155-B798-F363DD50CC08}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{E303A31E-16CA-4844-8AE1-F60109DBA675}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [UDP Query User{600F0A67-9FF7-4CB5-9863-3DF6FF0C2D6B}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [TCP Query User{4EA24165-101E-41CF-9C45-B4F69E5A3C74}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [{50617DBB-D641-4217-B751-BD810DB7F119}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3DF5FD2-B668-4E3E-9D3E-8E5BB0BF87BA}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{89114CC2-34F0-4122-B301-61AA4319945F}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2440C70A-7A6B-4B6D-A123-712FBD70A9CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6462BAA3-0284-4552-A8DE-589A37AC6BCE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9852CEB2-2423-4233-B583-35544D84D9A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2215C6AB-62FB-4EEB-8717-07E567C59244}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51D35BE1-7AFF-4262-BE02-61BD921DF615}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0781B69A-4B35-473F-AB47-89CE6318ED73}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{47FD8685-D285-49CB-ABD0-0977F2F84DD8}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{20E12BCC-D3DD-4775-BE35-10FF60E010BB}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{978374A8-AD20-4359-BE77-A67D94DA9896}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{1C42E517-0CBF-4D71-8D85-969177EA4138}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{9558C53E-37FF-45E7-9A8B-1EC4C71880C3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0578CCF7-AE1D-4C9C-943C-C69726E231B2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{80785240-54DC-4A65-81ED-4E4E4935CBE0}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{42847236-F025-4A30-B7B4-2AE9BF5DCCF1}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1D8D5B98-EB69-4C6A-AC19-F712EFF883CC}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{994936E9-37C4-47A0-BDEB-6A846D73F363}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [{BDBA1559-0767-4003-B9C0-F7E1807BB450}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{054F7E49-BAC3-46B6-B654-491B7FC98899}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{8F4C311D-D711-48C8-8940-A2C3CC194115}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [UDP Query User{15C82FC6-62AB-4904-B306-70AD69A9F8AD}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [{21FE5001-0179-4A7F-B498-5A4FC555CC78}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{39F833ED-D645-4DF5-83B4-831D54CC965E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{68B18BCB-3874-46A4-80DD-9699222566CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A816DD60-DD86-4EA0-B739-3C9B7863C439}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F6B58786-8162-49F8-A162-73C2A3240B33}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe
FirewallRules: [{911438D9-1E32-4989-84B7-DEB3B3280F77}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{2848611B-7895-4823-B6D6-EF1CB0A006B6}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{1A33A746-BD72-44D4-9EDC-C53D8F2E8C08}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{68E4D429-DBA5-4597-951D-CAF7117A56F2}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B263A842-E664-4611-B127-0E9041E80D1E}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{C5DFAF2D-B544-4910-A68A-FC0155A1ACAF}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{D9AE8798-8B04-4742-93CA-7AB2A9C5D39A}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{9EA90930-8669-4BCB-AE2C-B41D164F14E5}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4380FC8-563B-472A-81A3-22FADE6734CA}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2E30EF8-99FA-4ABA-B833-741974D6BC05}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B48BF075-2C5F-47F9-ACAF-2980D48ACE01}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BAC03561-5F5C-4155-9946-6B82F61A6381}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4C4C228A-CE78-4F94-AB6A-9A37178B6087}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{994B3FD3-15BE-418D-AFEA-A70CBBEC89AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{20526224-9C49-480F-803C-192E53CF7DCD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FD77485A-0F7F-4A3B-8533-96CD5272A824}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7A16777D-B0E9-46FE-888E-9F62CD0D5ECB}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{C342B424-54BE-42BC-91AD-47F83EDEA9AC}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{661DF73C-B241-477E-AA84-B087393EEA7F}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{95BA97EC-4661-448D-8FDE-F28C87808F43}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [TCP Query User{16AE10AB-38F4-486C-A014-611576649CED}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{E3E6A7A6-5CEA-406B-949D-09673533E769}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{CE4FA322-8732-4E69-A9FF-C35A1E697952}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C7266C32-357F-4EF1-A933-EE8B0E33FA21}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A3A7A281-EA5E-4FF3-AC60-4833EC72D1C3}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================

Systemfehler:
=============
Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/04/2016 08:21:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten GerÃ¤ten verbunden.

Error: (09/04/2016 08:20:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_23df7a" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/04/2016 08:20:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_23df7a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/04/2016 08:12:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten GerÃ¤ten verbunden.

Error: (09/04/2016 08:11:10 PM) (Source: DCOM) (EventID: 10010) (User: NABIL-PC)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 08:11:08 PM) (Source: DCOM) (EventID: 10010) (User: NABIL-PC)
Description: Der Server "Windows.Media.Capture.Internal.AppCaptureShell" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2016-09-05 13:28:14.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 13:28:14.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:49.628
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:49.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:48.833
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:47.220
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:37:16.112
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-01 22:18:12.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-01 03:01:06.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-01 01:48:21.019
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8111.46 MB
Verfügbarer physikalischer RAM: 4105.16 MB
Summe virtueller Speicher: 16303.46 MB
Verfügbarer virtueller Speicher: 10863.2 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:12.06 GB) NTFS
Drive e: (Emily Wants To Play) (CDROM) (Total:2.26 GB) (Free:0 GB) UDF
Drive f: (Adobe Acrobat XI) (CDROM) (Total:0.74 GB) (Free:0 GB) CDFS
Drive g: (OMNIPAGE ULTIMAT) (CDROM) (Total:3.05 GB) (Free:0 GB) CDFS
Drive h: (LifeIsStrange) (CDROM) (Total:8.72 GB) (Free:0 GB) UDF
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:1014.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

M-K-D-B · 11.09.2016, 18:52

Du hast da mindestens eine illegale/gecrackte Software auf deinem Rechner:
Microsoft Office Professional Plus 2013

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter, wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

nabil21 · 11.09.2016, 19:08

Code:

ATTFilter

19:40:39.0721 0x4ae4  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
19:40:46.0003 0x4ae4  ============================================================
19:40:46.0003 0x4ae4  Current date / time: 2016/09/11 19:40:46.0003
19:40:46.0003 0x4ae4  SystemInfo:
19:40:46.0004 0x4ae4  
19:40:46.0004 0x4ae4  OS Version: 10.0.10586 ServicePack: 0.0
19:40:46.0004 0x4ae4  Product type: Workstation
19:40:46.0004 0x4ae4  ComputerName: NABIL-PC
19:40:46.0004 0x4ae4  UserName: NABIL
19:40:46.0004 0x4ae4  Windows directory: C:\WINDOWS
19:40:46.0004 0x4ae4  System windows directory: C:\WINDOWS
19:40:46.0004 0x4ae4  Running under WOW64
19:40:46.0004 0x4ae4  Processor architecture: Intel x64
19:40:46.0004 0x4ae4  Number of processors: 4
19:40:46.0004 0x4ae4  Page size: 0x1000
19:40:46.0004 0x4ae4  Boot type: Normal boot
19:40:46.0004 0x4ae4  CodeIntegrityOptions = 0x00000001
19:40:46.0004 0x4ae4  ============================================================
19:40:46.0083 0x4ae4  KLMD registered as C:\WINDOWS\system32\drivers\34425297.sys
19:40:46.0083 0x4ae4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 10586.545, osProperties = 0x19
19:40:46.0519 0x4ae4  System UUID: {C06ACB29-C246-51EA-CAC1-0DCCD3A4C04E}
19:40:46.0864 0x4ae4  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:46.0865 0x4ae4  Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:46.0867 0x4ae4  ============================================================
19:40:46.0867 0x4ae4  \Device\Harddisk0\DR0:
19:40:46.0867 0x4ae4  MBR partitions:
19:40:46.0867 0x4ae4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:40:46.0867 0x4ae4  \Device\Harddisk1\DR1:
19:40:46.0867 0x4ae4  MBR partitions:
19:40:46.0867 0x4ae4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:40:46.0867 0x4ae4  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE80800
19:40:46.0867 0x4ae4  ============================================================
19:40:46.0868 0x4ae4  C: <-> \Device\Harddisk1\DR1\Partition2
19:40:46.0889 0x4ae4  M: <-> \Device\Harddisk0\DR0\Partition1
19:40:46.0890 0x4ae4  ============================================================
19:40:46.0890 0x4ae4  Initialize success
19:40:46.0890 0x4ae4  ============================================================
19:48:33.0185 0x0820  ============================================================
19:48:33.0185 0x0820  Scan started
19:48:33.0185 0x0820  Mode: Manual; SigCheck; TDLFS; 
19:48:33.0185 0x0820  ============================================================
19:48:33.0185 0x0820  KSN ping started
19:48:33.0239 0x0820  KSN ping finished: true
19:48:33.0971 0x0820  ================ Scan system memory ========================
19:48:33.0971 0x0820  System memory - ok
19:48:33.0972 0x0820  ================ Scan services =============================
19:48:33.0996 0x0820  1394ohci - ok
19:48:33.0999 0x0820  3ware - ok
19:48:34.0003 0x0820  [ 73C035299E3044636104CA7A7634A6AC, ED1D4904E2D1D1C72ED9697297AE1B64860098BA2F6F63F7A1426413007DF138 ] a2acc           C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
19:48:34.0106 0x0820  a2acc - ok
19:48:34.0208 0x0820  [ 1DF600AAA554D358108FF241A667112B, 9CD99BB0A22570B4AE62A0F66122457E57E10965552A8C6FD9C6E4090DAF150E ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
19:48:34.0285 0x0820  a2AntiMalware - ok
19:48:34.0291 0x0820  [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA           C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
19:48:34.0300 0x0820  A2DDA - ok
19:48:34.0304 0x0820  [ 05936579605018BD2BC528FF2C1AD95F, 763C2E76F9078F6A74D5BCCB4DD8A10C82AEB9C9F5A45C3706A587FA2D03E7D3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
19:48:34.0312 0x0820  a2injectiondriver - ok
19:48:34.0314 0x0820  [ B1AB7116D14667A2238DAEFE20B7F4D0, DC8A9093A6F759657C3354931A462FCCAF3533A907FB7152380EB2E9B4AD3BF8 ] a2util          C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
19:48:34.0323 0x0820  a2util - ok
19:48:34.0347 0x0820  [ 7494475F1BE72A371685F96A6B6044D9, 7F0A8BC9D2565F153D9BA2E55691CD742C8EA90FD61084A13CA8AD0581625EB7 ] ABBYY.Licensing.FineReader.Professional.12.0 C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
19:48:34.0375 0x0820  ABBYY.Licensing.FineReader.Professional.12.0 - ok
19:48:34.0379 0x0820  ACPI - ok
19:48:34.0381 0x0820  acpiex - ok
19:48:34.0383 0x0820  acpipagr - ok
19:48:34.0385 0x0820  AcpiPmi - ok
19:48:34.0388 0x0820  acpitime - ok
19:48:34.0393 0x0820  [ 059E8944776CD96C4D48ADECE806D140, E9621B6FDA9A942A443A88C41D6199AB55D1AE4C1FD240437F9547B044D1B2D7 ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
19:48:34.0404 0x0820  AdaptiveSleepService - detected UnsignedFile.Multi.Generic ( 1 )
19:48:34.0442 0x0820  Detect skipped due to KSN trusted
19:48:34.0442 0x0820  AdaptiveSleepService - ok
19:48:34.0446 0x0820  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:48:34.0456 0x0820  AdobeARMservice - ok
19:48:34.0474 0x0820  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:48:34.0486 0x0820  AdobeFlashPlayerUpdateSvc - ok
19:48:34.0490 0x0820  ADP80XX - ok
19:48:34.0493 0x0820  AFD - ok
19:48:34.0495 0x0820  agp440 - ok
19:48:34.0529 0x0820  [ E20C1118524DF19945BCD83A3843E8CF, 90C87096E9E2595DAA503CFD9C24D7D8F9CB2D567ACAB06FBF5527C8A6059409 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
19:48:34.0567 0x0820  AGSService - ok
19:48:34.0575 0x0820  ahcache - ok
19:48:34.0578 0x0820  AJRouter - ok
19:48:34.0580 0x0820  ALG - ok
19:48:34.0585 0x0820  [ DBEB48BCEE52B1281D096A7A83C2FB6C, 0CAF22983DA2ACC59363DF862AFC68832B55FFA6217134BC38E6E5570AAE7EB3 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
19:48:34.0603 0x0820  AMD External Events Utility - ok
19:48:34.0605 0x0820  AmdK8 - ok
19:48:34.0608 0x0820  amdkmdag - ok
19:48:34.0618 0x0820  [ 29ECFFBCED648EDFD1872AFEB4402E2B, 159C4DB6A578C5CBF092DEB1EC26545818B95E89C302553B7B421C5A754AEB04 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
19:48:34.0637 0x0820  amdkmdap - ok
19:48:34.0642 0x0820  [ 3F11DB5FF2B4E52CA4B5979A37B97A6F, 59350E37AB2FE8D7290B0B9A4C84ADBC69A4EBCEA5AD208E2E5D047C8EE5B65A ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
19:48:34.0651 0x0820  amdkmpfd - ok
19:48:34.0653 0x0820  AmdPPM - ok
19:48:34.0655 0x0820  amdsata - ok
19:48:34.0658 0x0820  amdsbs - ok
19:48:34.0660 0x0820  amdxata - ok
19:48:34.0662 0x0820  AppHostSvc - ok
19:48:34.0664 0x0820  AppID - ok
19:48:34.0666 0x0820  AppIDSvc - ok
19:48:34.0669 0x0820  Appinfo - ok
19:48:34.0673 0x0820  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:48:34.0682 0x0820  Apple Mobile Device Service - ok
19:48:34.0685 0x0820  AppMgmt - ok
19:48:34.0688 0x0820  AppReadiness - ok
19:48:34.0691 0x0820  AppXSvc - ok
19:48:34.0693 0x0820  arcsas - ok
19:48:34.0697 0x0820  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
19:48:34.0702 0x0820  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
19:48:34.0741 0x0820  Detect skipped due to KSN trusted
19:48:34.0741 0x0820  ASGT - ok
19:48:34.0750 0x0820  aspnet_state - ok
19:48:34.0753 0x0820  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger   C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys
19:48:34.0762 0x0820  AsrAppCharger - ok
19:48:34.0766 0x0820  [ 2C74F5379459FFA27B3C139E9EF8A62D, DFEE555A39CC4A66FC937E75389119FAF2721079FC4A537B5A8B46D852EA08B7 ] Asus Product Register Service C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
19:48:34.0773 0x0820  Asus Product Register Service - detected UnsignedFile.Multi.Generic ( 1 )
19:48:34.0811 0x0820  Detect skipped due to KSN trusted
19:48:34.0811 0x0820  Asus Product Register Service - ok
19:48:34.0814 0x0820  AsyncMac - ok
19:48:34.0816 0x0820  atapi - ok
19:48:34.0823 0x0820  [ F06A4C6E131FD7D6E253FC0B6844298C, 431FEFB929D984C2573E186C65CE35385808FDB9795C776870AF39305E9465FA ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
19:48:34.0839 0x0820  AtiHDAudioService - ok
19:48:34.0842 0x0820  AudioEndpointBuilder - ok
19:48:34.0844 0x0820  Audiosrv - ok
19:48:34.0847 0x0820  AxInstSV - ok
19:48:34.0849 0x0820  b06bdrv - ok
19:48:34.0851 0x0820  BasicDisplay - ok
19:48:34.0854 0x0820  BasicRender - ok
19:48:34.0858 0x0820  bcmfn - ok
19:48:34.0860 0x0820  bcmfn2 - ok
19:48:34.0862 0x0820  BDESVC - ok
19:48:34.0865 0x0820  Beep - ok
19:48:34.0888 0x0820  [ 96E6FDA70874EBB1E616BCF216EE118A, E1DBD5E610457CC2FF5E3DA6426F292C3514C15986E632A4F515E8206E77F7B5 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
19:48:34.0912 0x0820  BEService - ok
19:48:34.0916 0x0820  BFE - ok
19:48:34.0918 0x0820  BITS - ok
19:48:34.0931 0x0820  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:48:34.0945 0x0820  Bonjour Service - ok
19:48:34.0948 0x0820  bowser - ok
19:48:34.0950 0x0820  BrokerInfrastructure - ok
19:48:34.0953 0x0820  Browser - ok
19:48:34.0956 0x0820  BthAvrcpTg - ok
19:48:34.0959 0x0820  BthHFEnum - ok
19:48:34.0961 0x0820  bthhfhid - ok
19:48:34.0964 0x0820  BthHFSrv - ok
19:48:34.0966 0x0820  BTHMODEM - ok
19:48:34.0970 0x0820  bthserv - ok
19:48:34.0973 0x0820  buttonconverter - ok
19:48:34.0975 0x0820  CapImg - ok
19:48:34.0977 0x0820  cdfs - ok
19:48:34.0980 0x0820  CDPSvc - ok
19:48:34.0983 0x0820  cdrom - ok
19:48:34.0985 0x0820  CertPropSvc - ok
19:48:34.0988 0x0820  circlass - ok
19:48:34.0992 0x0820  [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp        C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
19:48:35.0001 0x0820  cleanhlp - ok
19:48:35.0004 0x0820  CLFS - ok
19:48:35.0007 0x0820  ClipSVC - ok
19:48:35.0014 0x0820  CmBatt - ok
19:48:35.0017 0x0820  CNG - ok
19:48:35.0019 0x0820  cnghwassist - ok
19:48:35.0032 0x0820  CompositeBus - ok
19:48:35.0035 0x0820  COMSysApp - ok
19:48:35.0038 0x0820  condrv - ok
19:48:35.0041 0x0820  CoreMessagingRegistrar - ok
19:48:35.0046 0x0820  CryptSvc - ok
19:48:35.0048 0x0820  CSC - ok
19:48:35.0051 0x0820  CscService - ok
19:48:35.0054 0x0820  dam - ok
19:48:35.0058 0x0820  DcomLaunch - ok
19:48:35.0061 0x0820  DcpSvc - ok
19:48:35.0064 0x0820  defragsvc - ok
19:48:35.0067 0x0820  DeviceAssociationService - ok
19:48:35.0070 0x0820  DeviceInstall - ok
19:48:35.0073 0x0820  DevQueryBroker - ok
19:48:35.0076 0x0820  Dfsc - ok
19:48:35.0079 0x0820  Dhcp - ok
19:48:35.0083 0x0820  diagnosticshub.standardcollector.service - ok
19:48:35.0086 0x0820  DiagTrack - ok
19:48:35.0097 0x0820  [ EA3F6BAE990D67FCA171871359BE8749, 754361DC3181D259638BCD5B2B24B228375084F54E26977BC04BC183AB7542C0 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
19:48:35.0110 0x0820  DigitalWave.Update.Service - ok
19:48:35.0139 0x0820  [ 91DF13EC831BDCFA36A7A12CD13D66B9, 5054281FE91D4BE0DB446F6F30E3D59E669185555F6C20B988DEC250713FFCED ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
19:48:35.0167 0x0820  Disc Soft Lite Bus Service - ok
19:48:35.0172 0x0820  disk - ok
19:48:35.0175 0x0820  DmEnrollmentSvc - ok
19:48:35.0178 0x0820  dmvsc - ok
19:48:35.0181 0x0820  dmwappushservice - ok
19:48:35.0183 0x0820  Dnscache - ok
19:48:35.0188 0x0820  dot3svc - ok
19:48:35.0192 0x0820  DPS - ok
19:48:35.0195 0x0820  drmkaud - ok
19:48:35.0198 0x0820  DsmSvc - ok
19:48:35.0201 0x0820  DsSvc - ok
19:48:35.0204 0x0820  [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus   C:\WINDOWS\System32\drivers\dtlitescsibus.sys
19:48:35.0213 0x0820  dtlitescsibus - ok
19:48:35.0216 0x0820  DXGKrnl - ok
19:48:35.0229 0x0820  [ 2AAC97A2DDFE3149851A9F8E002F2721, 7CDCB2BA56A6417C49A94D45BC674678073EB6B999FB0665EC329A26C5E9BCA7 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
19:48:35.0247 0x0820  e1dexpress - ok
19:48:35.0251 0x0820  Eaphost - ok
19:48:35.0254 0x0820  ebdrv - ok
19:48:35.0257 0x0820  EFS - ok
19:48:35.0260 0x0820  EhStorClass - ok
19:48:35.0263 0x0820  EhStorTcgDrv - ok
19:48:35.0265 0x0820  embeddedmode - ok
19:48:35.0270 0x0820  EntAppSvc - ok
19:48:35.0276 0x0820  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
19:48:35.0287 0x0820  EpsonScanSvc - ok
19:48:35.0290 0x0820  ErrDev - ok
19:48:35.0296 0x0820  [ 32710ECBE3C17C6F769BAC88CD1756FF, BB9B269F0322FFBFAC459EC15BA9410A5FF5CDCBD38F67F8482720ACB1799C2B ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
19:48:35.0305 0x0820  ESProtectionDriver - ok
19:48:35.0311 0x0820  EventSystem - ok
19:48:35.0314 0x0820  exfat - ok
19:48:35.0317 0x0820  fastfat - ok
19:48:35.0320 0x0820  Fax - ok
19:48:35.0323 0x0820  fdc - ok
19:48:35.0325 0x0820  fdPHost - ok
19:48:35.0329 0x0820  FDResPub - ok
19:48:35.0332 0x0820  fhsvc - ok
19:48:35.0335 0x0820  FileCrypt - ok
19:48:35.0339 0x0820  FileInfo - ok
19:48:35.0342 0x0820  Filetrace - ok
19:48:35.0345 0x0820  flpydisk - ok
19:48:35.0348 0x0820  FltMgr - ok
19:48:35.0351 0x0820  FontCache - ok
19:48:35.0355 0x0820  FontCache3.0.0.0 - ok
19:48:35.0358 0x0820  FsDepends - ok
19:48:35.0361 0x0820  Fs_Rec - ok
19:48:35.0364 0x0820  fvevol - ok
19:48:35.0367 0x0820  gagp30kx - ok
19:48:35.0371 0x0820  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:48:35.0379 0x0820  GEARAspiWDM - ok
19:48:35.0382 0x0820  gencounter - ok
19:48:35.0385 0x0820  genericusbfn - ok
19:48:35.0392 0x0820  [ 4AB1EEFAA88D73AA1580C20461235616, D5530E57589EE42A658741358BFE543ACD38031A6AAC3AB88421233233CBD31C ] GladFileMonSvc  C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
19:48:35.0402 0x0820  GladFileMonSvc - ok
19:48:35.0405 0x0820  GPIOClx0101 - ok
19:48:35.0409 0x0820  gpsvc - ok
19:48:35.0412 0x0820  GpuEnergyDrv - ok
19:48:35.0419 0x0820  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:35.0428 0x0820  gupdate - ok
19:48:35.0434 0x0820  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:35.0443 0x0820  gupdatem - ok
19:48:35.0447 0x0820  HdAudAddService - ok
19:48:35.0450 0x0820  HDAudBus - ok
19:48:35.0453 0x0820  HidBatt - ok
19:48:35.0456 0x0820  HidBth - ok
19:48:35.0460 0x0820  hidi2c - ok
19:48:35.0463 0x0820  hidinterrupt - ok
19:48:35.0466 0x0820  HidIr - ok
19:48:35.0470 0x0820  hidserv - ok
19:48:35.0474 0x0820  HidUsb - ok
19:48:35.0477 0x0820  HomeGroupListener - ok
19:48:35.0481 0x0820  HomeGroupProvider - ok
19:48:35.0484 0x0820  HpSAMD - ok
19:48:35.0487 0x0820  HTTP - ok
19:48:35.0501 0x0820  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
19:48:35.0510 0x0820  HWiNFO32 - ok
19:48:35.0513 0x0820  hwpolicy - ok
19:48:35.0517 0x0820  hyperkbd - ok
19:48:35.0520 0x0820  HyperVideo - ok
19:48:35.0523 0x0820  i8042prt - ok
19:48:35.0527 0x0820  iai2c - ok
19:48:35.0530 0x0820  iaLPSS2i_I2C - ok
19:48:35.0534 0x0820  iaLPSSi_GPIO - ok
19:48:35.0538 0x0820  iaLPSSi_I2C - ok
19:48:35.0569 0x0820  [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
19:48:35.0599 0x0820  iaStorA - ok
19:48:35.0603 0x0820  iaStorAV - ok
19:48:35.0608 0x0820  [ 7281AED93FB30FDD1CBAF07591FA453A, BD912798D8E28AF27C5FE01455D97224013D30066E35230888E64D0AC346893F ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:48:35.0616 0x0820  IAStorDataMgrSvc - ok
19:48:35.0619 0x0820  iaStorV - ok
19:48:35.0623 0x0820  ibbus - ok
19:48:35.0627 0x0820  icssvc - ok
19:48:35.0632 0x0820  IEEtwCollectorService - ok
19:48:35.0639 0x0820  [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
19:48:35.0649 0x0820  IJPLMSVC - ok
19:48:35.0653 0x0820  [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent        C:\WINDOWS\system32\DRIVERS\ikbevent.sys
19:48:35.0662 0x0820  ikbevent - ok
19:48:35.0665 0x0820  IKEEXT - ok
19:48:35.0670 0x0820  [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent        C:\WINDOWS\system32\DRIVERS\imsevent.sys
19:48:35.0678 0x0820  imsevent - ok
19:48:35.0755 0x0820  [ C1B6594EDD7FE73FFB03D48A9CAE25DE, B9995F65B06F28E146A7B50E4D77C2E50D68CB65D5F69798E6644AA23B7AEB5F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:48:35.0837 0x0820  IntcAzAudAddService - ok
19:48:35.0860 0x0820  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:48:35.0879 0x0820  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
19:48:35.0917 0x0820  Detect skipped due to KSN trusted
19:48:35.0917 0x0820  Intel(R) Capability Licensing Service Interface - ok
19:48:35.0936 0x0820  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:48:35.0955 0x0820  Intel(R) Capability Licensing Service TCP IP Interface - ok
19:48:35.0964 0x0820  [ EE65488B7294FBCB113EAC9FD492345C, D1D6B22CD94324387171B188D295AA716900654DA1DC9F3DC18D0CD528F2BBEA ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:48:35.0973 0x0820  Intel(R) ME Service - ok
19:48:35.0980 0x0820  [ 26FBC0AEDE7C6A67781202E0E2ECB6A6, BEF9E7CB2B2DD7A8091483EC53B812CA3F079CEC949DE545ABED6BE617A9ED55 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:48:35.0993 0x0820  Intel(R) PROSet Monitoring Service - ok
19:48:35.0997 0x0820  intelide - ok
19:48:36.0000 0x0820  intelpep - ok
19:48:36.0004 0x0820  intelppm - ok
19:48:36.0009 0x0820  [ A01C412699B6F21645B2885C2BAE4454, EA85BBE63D6F66F7EFEE7007E770AF820D57F914C7F179C5FEE3EF2845F19C41 ] IOMap           C:\WINDOWS\system32\drivers\IOMap64.sys
19:48:36.0017 0x0820  IOMap - ok
19:48:36.0020 0x0820  IoQos - ok
19:48:36.0024 0x0820  IpFilterDriver - ok
19:48:36.0028 0x0820  iphlpsvc - ok
19:48:36.0031 0x0820  IPMIDRV - ok
19:48:36.0035 0x0820  IPNAT - ok
19:48:36.0051 0x0820  [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:48:36.0068 0x0820  iPod Service - ok
19:48:36.0072 0x0820  IRENUM - ok
19:48:36.0076 0x0820  isapnp - ok
19:48:36.0079 0x0820  iScsiPrt - ok
19:48:36.0083 0x0820  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
19:48:36.0092 0x0820  ISCT - ok
19:48:36.0099 0x0820  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
19:48:36.0110 0x0820  iumsvc - ok
19:48:36.0117 0x0820  [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:48:36.0127 0x0820  jhi_service - ok
19:48:36.0131 0x0820  kbdclass - ok
19:48:36.0134 0x0820  kbdhid - ok
19:48:36.0138 0x0820  kdnic - ok
19:48:36.0142 0x0820  KeyIso - ok
19:48:36.0146 0x0820  [ 0F9FD9565E6EB157FA9BE11ED9C1DC9F, 7565255F0A28D065F8F30F876E7DF3E46EF2E6FEDF420ECA7D454CF49887B2DE ] KMS-R@1n        C:\Windows\KMS-R@1n.exe
19:48:36.0150 0x0820  KMS-R@1n - detected UnsignedFile.Multi.Generic ( 1 )
19:48:36.0188 0x0820  Detect skipped due to KSN trusted
19:48:36.0188 0x0820  KMS-R@1n - ok
19:48:36.0192 0x0820  KSecDD - ok
19:48:36.0195 0x0820  KSecPkg - ok
19:48:36.0200 0x0820  ksthunk - ok
19:48:36.0204 0x0820  KtmRm - ok
19:48:36.0208 0x0820  LanmanServer - ok
19:48:36.0212 0x0820  LanmanWorkstation - ok
19:48:36.0219 0x0820  lfsvc - ok
19:48:36.0223 0x0820  LicenseManager - ok
19:48:36.0282 0x0820  [ C2BDC7EA68CAE9E9A088F77BAC88FB92, EBD7B98C00DD320DAAD39C15A8D9D49CB9F3691BF41F1553039F4060BAB29A24 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
19:48:36.0329 0x0820  LiveUpdateSvc - ok
19:48:36.0335 0x0820  lltdio - ok
19:48:36.0339 0x0820  lltdsvc - ok
19:48:36.0343 0x0820  lmhosts - ok
19:48:36.0356 0x0820  [ 02A9CBACE666877BBBA4FD66B22F6D4A, 0E783BA7A8F00CEC8F03CFEE03999CA5DB9E4DB7CCE62D9171CFCF36AFBE4BB1 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:48:36.0369 0x0820  LMS - ok
19:48:36.0376 0x0820  LSI_SAS - ok
19:48:36.0380 0x0820  LSI_SAS2i - ok
19:48:36.0384 0x0820  LSI_SAS3i - ok
19:48:36.0388 0x0820  LSI_SSS - ok
19:48:36.0393 0x0820  LSM - ok
19:48:36.0396 0x0820  luafv - ok
19:48:36.0401 0x0820  MapsBroker - ok
19:48:36.0414 0x0820  [ DE111E937CB01E149FD749F67CDA7DD9, 1434FD87072FE4032D40E2B59DA301B0B35A301DAD4A6E7FE53BE8044BD2B465 ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
19:48:36.0433 0x0820  MbaeSvc - ok
19:48:36.0438 0x0820  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:48:36.0446 0x0820  MBAMProtector - ok
19:48:36.0485 0x0820  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:48:36.0508 0x0820  MBAMService - ok
19:48:36.0524 0x0820  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
19:48:36.0533 0x0820  MBAMWebAccessControl - ok
19:48:36.0569 0x0820  [ 6EF327DBB5DC9D6310ADE48CAB14959D, AFDC81E83E9EC9424C14431E531E976C419715754952D92BE2691186C55F0E9B ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe
19:48:36.0581 0x0820  McComponentHostService - ok
19:48:36.0585 0x0820  megasas - ok
19:48:36.0590 0x0820  megasr - ok
19:48:36.0605 0x0820  [ 6ECDA51525C123C55ABC470F2144F925, 7B2E8976F126219AF0953FD641E613A9336CCC80843AF4A37AA71067D55CCBBB ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
19:48:36.0617 0x0820  MEIx64 - ok
19:48:36.0622 0x0820  MessagingService - ok
19:48:36.0661 0x0820  mlx4_bus - ok
19:48:36.0666 0x0820  MMCSS - ok
19:48:36.0670 0x0820  Modem - ok
19:48:36.0674 0x0820  monitor - ok
19:48:36.0681 0x0820  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\system32\DRIVERS\MijXfilt.sys
19:48:36.0689 0x0820  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
19:48:36.0726 0x0820  Detect skipped due to KSN trusted
19:48:36.0726 0x0820  MotioninJoyXFilter - ok
19:48:36.0731 0x0820  mouclass - ok
19:48:36.0735 0x0820  mouhid - ok
19:48:36.0740 0x0820  mountmgr - ok
19:48:36.0744 0x0820  mpsdrv - ok
19:48:36.0748 0x0820  MpsSvc - ok
19:48:36.0753 0x0820  MQAC - ok
19:48:36.0757 0x0820  MRxDAV - ok
19:48:36.0762 0x0820  mrxsmb - ok
19:48:36.0767 0x0820  mrxsmb10 - ok
19:48:36.0771 0x0820  mrxsmb20 - ok
19:48:36.0775 0x0820  MsBridge - ok
19:48:36.0780 0x0820  MSDTC - ok
19:48:36.0790 0x0820  Msfs - ok
19:48:36.0795 0x0820  msgpiowin32 - ok
19:48:36.0799 0x0820  mshidkmdf - ok
19:48:36.0803 0x0820  mshidumdf - ok
19:48:36.0808 0x0820  msisadrv - ok
19:48:36.0813 0x0820  MSiSCSI - ok
19:48:36.0817 0x0820  msiserver - ok
19:48:36.0821 0x0820  MSKSSRV - ok
19:48:36.0826 0x0820  MsLldp - ok
19:48:36.0830 0x0820  MSMQ - ok
19:48:36.0834 0x0820  MSPCLOCK - ok
19:48:36.0838 0x0820  MSPQM - ok
19:48:36.0843 0x0820  MsRPC - ok
19:48:36.0850 0x0820  mssmbios - ok
19:48:36.0854 0x0820  MSTEE - ok
19:48:36.0859 0x0820  MTConfig - ok
19:48:36.0863 0x0820  Mup - ok
19:48:36.0868 0x0820  mvumis - ok
19:48:36.0886 0x0820  [ E605F35F03C881DC46902E0E2F5985B3, C97F0C733377E35B463EF7F6A5B879DA21AB512719899160C09278615FE39A21 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
19:48:36.0904 0x0820  MyEpson Portal Service - ok
19:48:36.0912 0x0820  NativeWifiP - ok
19:48:36.0933 0x0820  [ DF1A606A45C5280BD2DEFEFC17311489, 690656E73211BF34A1A839EAAA6B090D66040773228506C571E40699CB4927F4 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
19:48:36.0951 0x0820  NAUpdate - ok
19:48:36.0957 0x0820  NcaSvc - ok
19:48:36.0962 0x0820  NcbService - ok
19:48:36.0965 0x0820  NcdAutoSetup - ok
19:48:36.0971 0x0820  ndfltr - ok
19:48:36.0975 0x0820  NDIS - ok
19:48:36.0980 0x0820  NdisCap - ok
19:48:36.0985 0x0820  NdisImPlatform - ok
19:48:36.0989 0x0820  NdisTapi - ok
19:48:36.0993 0x0820  Ndisuio - ok
19:48:36.0998 0x0820  NdisVirtualBus - ok
19:48:37.0003 0x0820  NdisWan - ok
19:48:37.0007 0x0820  ndiswanlegacy - ok
19:48:37.0012 0x0820  ndproxy - ok
19:48:37.0017 0x0820  Ndu - ok
19:48:37.0022 0x0820  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\System32\drivers\netaapl64.sys
19:48:37.0035 0x0820  Netaapl - ok
19:48:37.0040 0x0820  NetBIOS - ok
19:48:37.0048 0x0820  NetBT - ok
19:48:37.0052 0x0820  Netlogon - ok
19:48:37.0058 0x0820  Netman - ok
19:48:37.0065 0x0820  NetMsmqActivator - ok
19:48:37.0069 0x0820  NetPipeActivator - ok
19:48:37.0074 0x0820  netprofm - ok
19:48:37.0079 0x0820  NetSetupSvc - ok
19:48:37.0084 0x0820  NetTcpActivator - ok
19:48:37.0088 0x0820  NetTcpPortSharing - ok
19:48:37.0093 0x0820  netvsc - ok
19:48:37.0102 0x0820  NgcCtnrSvc - ok
19:48:37.0106 0x0820  NgcSvc - ok
19:48:37.0111 0x0820  NlaSvc - ok
19:48:37.0116 0x0820  Npfs - ok
19:48:37.0121 0x0820  npsvctrig - ok
19:48:37.0126 0x0820  nsi - ok
19:48:37.0130 0x0820  nsiproxy - ok
19:48:37.0139 0x0820  NTFS - ok
19:48:37.0143 0x0820  Null - ok
19:48:37.0148 0x0820  nvraid - ok
19:48:37.0153 0x0820  nvstor - ok
19:48:37.0157 0x0820  nv_agp - ok
19:48:37.0162 0x0820  OneSyncSvc - ok
19:48:37.0213 0x0820  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:48:37.0225 0x0820  ose64 - ok
19:48:37.0332 0x0820  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:48:37.0413 0x0820  osppsvc - ok
19:48:37.0425 0x0820  p2pimsvc - ok
19:48:37.0430 0x0820  p2psvc - ok
19:48:37.0435 0x0820  Parport - ok
19:48:37.0441 0x0820  partmgr - ok
19:48:37.0445 0x0820  PcaSvc - ok
19:48:37.0450 0x0820  pci - ok
19:48:37.0455 0x0820  pciide - ok
19:48:37.0460 0x0820  pcmcia - ok
19:48:37.0465 0x0820  pcw - ok
19:48:37.0470 0x0820  pdc - ok
19:48:37.0475 0x0820  PEAUTH - ok
19:48:37.0480 0x0820  PeerDistSvc - ok
19:48:37.0485 0x0820  percsas2i - ok
19:48:37.0490 0x0820  percsas3i - ok
19:48:37.0508 0x0820  PerfHost - ok
19:48:37.0524 0x0820  PhoneSvc - ok
19:48:37.0530 0x0820  PimIndexMaintenanceSvc - ok
19:48:37.0575 0x0820  pla - ok
19:48:37.0581 0x0820  PlugPlay - ok
19:48:37.0585 0x0820  PNRPAutoReg - ok
19:48:37.0591 0x0820  PNRPsvc - ok
19:48:37.0596 0x0820  PolicyAgent - ok
19:48:37.0605 0x0820  Power - ok
19:48:37.0610 0x0820  PptpMiniport - ok
19:48:37.0681 0x0820  [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:48:37.0775 0x0820  PrintNotify - ok
19:48:37.0782 0x0820  Processor - ok
19:48:37.0788 0x0820  ProfSvc - ok
19:48:37.0793 0x0820  Psched - ok
19:48:37.0798 0x0820  QWAVE - ok
19:48:37.0804 0x0820  QWAVEdrv - ok
19:48:37.0810 0x0820  RasAcd - ok
19:48:37.0815 0x0820  RasAgileVpn - ok
19:48:37.0820 0x0820  RasAuto - ok
19:48:37.0825 0x0820  Rasl2tp - ok
19:48:37.0831 0x0820  RasMan - ok
19:48:37.0836 0x0820  RasPppoe - ok
19:48:37.0841 0x0820  RasSstp - ok
19:48:37.0847 0x0820  rdbss - ok
19:48:37.0856 0x0820  rdpbus - ok
19:48:37.0861 0x0820  RDPDR - ok
19:48:37.0875 0x0820  RdpVideoMiniport - ok
19:48:37.0880 0x0820  rdyboost - ok
19:48:37.0885 0x0820  ReFSv1 - ok
19:48:37.0895 0x0820  RemoteAccess - ok
19:48:37.0900 0x0820  RemoteRegistry - ok
19:48:37.0906 0x0820  RetailDemo - ok
19:48:37.0912 0x0820  RpcEptMapper - ok
19:48:37.0917 0x0820  RpcLocator - ok
19:48:37.0923 0x0820  RpcSs - ok
19:48:37.0928 0x0820  rspndr - ok
19:48:37.0934 0x0820  s3cap - ok
19:48:37.0939 0x0820  SamSs - ok
19:48:37.0947 0x0820  [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys
19:48:37.0955 0x0820  SANDRA - ok
19:48:37.0961 0x0820  [ DB066DBB99FB20AA7B3CE28C4E592180, 19590B7B718AE7706E4145B1998C77420CC64FF8E345DDE4716192B999612E4C ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe
19:48:37.0968 0x0820  SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
19:48:38.0005 0x0820  Detect skipped due to KSN trusted
19:48:38.0005 0x0820  SandraAgentSrv - ok
19:48:38.0011 0x0820  sbp2port - ok
19:48:38.0016 0x0820  SCardSvr - ok
19:48:38.0023 0x0820  ScDeviceEnum - ok
19:48:38.0028 0x0820  scfilter - ok
19:48:38.0034 0x0820  Schedule - ok
19:48:38.0040 0x0820  SCPolicySvc - ok
19:48:38.0046 0x0820  sdbus - ok
19:48:38.0052 0x0820  SDRSVC - ok
19:48:38.0057 0x0820  sdstor - ok
19:48:38.0063 0x0820  seclogon - ok
19:48:38.0068 0x0820  SENS - ok
19:48:38.0074 0x0820  SensorDataService - ok
19:48:38.0079 0x0820  SensorService - ok
19:48:38.0085 0x0820  SensrSvc - ok
19:48:38.0090 0x0820  SerCx - ok
19:48:38.0096 0x0820  SerCx2 - ok
19:48:38.0102 0x0820  Serenum - ok
19:48:38.0107 0x0820  Serial - ok
19:48:38.0113 0x0820  sermouse - ok
19:48:38.0131 0x0820  SessionEnv - ok
19:48:38.0145 0x0820  sfloppy - ok
19:48:38.0151 0x0820  SharedAccess - ok
19:48:38.0158 0x0820  ShellHWDetection - ok
19:48:38.0164 0x0820  SiSRaid2 - ok
19:48:38.0169 0x0820  SiSRaid4 - ok
19:48:38.0183 0x0820  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:48:38.0198 0x0820  SkypeUpdate - ok
19:48:38.0204 0x0820  [ E4F6FAAA2B531594A523AD4544F4A013, BE561215835BBB934780BDFF35F756BC975056B98F0453F40B92AFA363B63DDA ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
19:48:38.0213 0x0820  SmbDrvI - ok
19:48:38.0219 0x0820  smphost - ok
19:48:38.0225 0x0820  SmsRouter - ok
19:48:38.0244 0x0820  SNMPTRAP - ok
19:48:38.0249 0x0820  spaceport - ok
19:48:38.0255 0x0820  SpbCx - ok
19:48:38.0261 0x0820  Spooler - ok
19:48:38.0267 0x0820  sppsvc - ok
19:48:38.0272 0x0820  srv - ok
19:48:38.0278 0x0820  srv2 - ok
19:48:38.0284 0x0820  srvnet - ok
19:48:38.0290 0x0820  SSDPSRV - ok
19:48:38.0296 0x0820  SstpSvc - ok
19:48:38.0319 0x0820  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
19:48:38.0336 0x0820  ss_conn_service - ok
19:48:38.0347 0x0820  [ 31A20120B76C8F6D350D4EF6668B0381, 86971AC0963470039D44E8BFA72FEB188E8ED579FCB96AD4492CEBFEF887823E ] Start10         C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
19:48:38.0359 0x0820  Start10 - ok
19:48:38.0366 0x0820  StateRepository - ok
19:48:38.0390 0x0820  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:48:38.0418 0x0820  Steam Client Service - ok
19:48:38.0426 0x0820  stexstor - ok
19:48:38.0431 0x0820  stisvc - ok
19:48:38.0437 0x0820  storahci - ok
19:48:38.0444 0x0820  storflt - ok
19:48:38.0450 0x0820  stornvme - ok
19:48:38.0456 0x0820  storqosflt - ok
19:48:38.0462 0x0820  StorSvc - ok
19:48:38.0467 0x0820  storufs - ok
19:48:38.0473 0x0820  storvsc - ok
19:48:38.0479 0x0820  svsvc - ok
19:48:38.0485 0x0820  swenum - ok
19:48:38.0491 0x0820  swprv - ok
19:48:38.0497 0x0820  Synth3dVsc - ok
19:48:38.0503 0x0820  SysMain - ok
19:48:38.0509 0x0820  SystemEventsBroker - ok
19:48:38.0516 0x0820  TabletInputService - ok
19:48:38.0522 0x0820  TapiSrv - ok
19:48:38.0528 0x0820  Tcpip - ok
19:48:38.0534 0x0820  Tcpip6 - ok
19:48:38.0545 0x0820  tcpipreg - ok
19:48:38.0555 0x0820  tdx - ok
19:48:38.0561 0x0820  terminpt - ok
19:48:38.0567 0x0820  TermService - ok
19:48:38.0573 0x0820  Themes - ok
19:48:38.0579 0x0820  TieringEngineService - ok
19:48:38.0585 0x0820  tiledatamodelsvc - ok
19:48:38.0592 0x0820  TimeBroker - ok
19:48:38.0598 0x0820  TPM - ok
19:48:38.0604 0x0820  TrkWks - ok
19:48:38.0610 0x0820  TrustedInstaller - ok
19:48:38.0621 0x0820  tsusbflt - ok
19:48:38.0627 0x0820  TsUsbGD - ok
19:48:38.0633 0x0820  tzautoupdate - ok
19:48:38.0640 0x0820  uagp35 - ok
19:48:38.0646 0x0820  UASPStor - ok
19:48:38.0652 0x0820  UcmCx0101 - ok
19:48:38.0658 0x0820  UcmUcsi - ok
19:48:38.0664 0x0820  Ucx01000 - ok
19:48:38.0670 0x0820  UdeCx - ok
19:48:38.0677 0x0820  udfs - ok
19:48:38.0683 0x0820  UEFI - ok
19:48:38.0689 0x0820  Ufx01000 - ok
19:48:38.0695 0x0820  UfxChipidea - ok
19:48:38.0701 0x0820  ufxsynopsys - ok
19:48:38.0717 0x0820  UI0Detect - ok
19:48:38.0723 0x0820  uliagpkx - ok
19:48:38.0729 0x0820  umbus - ok
19:48:38.0735 0x0820  UmPass - ok
19:48:38.0742 0x0820  UmRdpService - ok
19:48:38.0749 0x0820  UnistoreSvc - ok
19:48:38.0811 0x0820  upnphost - ok
19:48:38.0817 0x0820  UrsChipidea - ok
19:48:38.0823 0x0820  UrsCx01000 - ok
19:48:38.0830 0x0820  UrsSynopsys - ok
19:48:38.0838 0x0820  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
19:48:38.0851 0x0820  USBAAPL64 - ok
19:48:38.0858 0x0820  usbccgp - ok
19:48:38.0865 0x0820  usbcir - ok
19:48:38.0871 0x0820  usbehci - ok
19:48:38.0878 0x0820  usbhub - ok
19:48:38.0884 0x0820  USBHUB3 - ok
19:48:38.0891 0x0820  usbohci - ok
19:48:38.0897 0x0820  usbprint - ok
19:48:38.0903 0x0820  usbser - ok
19:48:38.0910 0x0820  USBSTOR - ok
19:48:38.0916 0x0820  usbuhci - ok
19:48:38.0923 0x0820  USBXHCI - ok
19:48:38.0930 0x0820  UserDataSvc - ok
19:48:38.0995 0x0820  UserManager - ok
19:48:39.0002 0x0820  UsoSvc - ok
19:48:39.0009 0x0820  VaultSvc - ok
19:48:39.0016 0x0820  vdrvroot - ok
19:48:39.0022 0x0820  vds - ok
19:48:39.0029 0x0820  VerifierExt - ok
19:48:39.0035 0x0820  vhdmp - ok
19:48:39.0042 0x0820  vhf - ok
19:48:39.0049 0x0820  vmbus - ok
19:48:39.0055 0x0820  VMBusHID - ok
19:48:39.0062 0x0820  vmicguestinterface - ok
19:48:39.0069 0x0820  vmicheartbeat - ok
19:48:39.0075 0x0820  vmickvpexchange - ok
19:48:39.0082 0x0820  vmicrdv - ok
19:48:39.0088 0x0820  vmicshutdown - ok
19:48:39.0096 0x0820  vmictimesync - ok
19:48:39.0102 0x0820  vmicvmsession - ok
19:48:39.0108 0x0820  vmicvss - ok
19:48:39.0115 0x0820  volmgr - ok
19:48:39.0122 0x0820  volmgrx - ok
19:48:39.0128 0x0820  volsnap - ok
19:48:39.0135 0x0820  vpci - ok
19:48:39.0142 0x0820  vsmraid - ok
19:48:39.0148 0x0820  VSS - ok
19:48:39.0155 0x0820  VSTXRAID - ok
19:48:39.0162 0x0820  vwifibus - ok
19:48:39.0168 0x0820  vwififlt - ok
19:48:39.0175 0x0820  W32Time - ok
19:48:39.0182 0x0820  w3logsvc - ok
19:48:39.0190 0x0820  W3SVC - ok
19:48:39.0197 0x0820  WacomPen - ok
19:48:39.0204 0x0820  WalletService - ok
19:48:39.0211 0x0820  wanarp - ok
19:48:39.0218 0x0820  wanarpv6 - ok
19:48:39.0225 0x0820  WAS - ok
19:48:39.0231 0x0820  wbengine - ok
19:48:39.0239 0x0820  WbioSrvc - ok
19:48:39.0246 0x0820  Wcmsvc - ok
19:48:39.0252 0x0820  wcncsvc - ok
19:48:39.0259 0x0820  WcsPlugInService - ok
19:48:39.0267 0x0820  WdBoot - ok
19:48:39.0274 0x0820  Wdf01000 - ok
19:48:39.0280 0x0820  WdFilter - ok
19:48:39.0287 0x0820  WdiServiceHost - ok
19:48:39.0294 0x0820  WdiSystemHost - ok
19:48:39.0301 0x0820  wdiwifi - ok
19:48:39.0308 0x0820  WdNisDrv - ok
19:48:39.0314 0x0820  WdNisSvc - ok
19:48:39.0322 0x0820  WebClient - ok
19:48:39.0329 0x0820  Wecsvc - ok
19:48:39.0336 0x0820  WEPHOSTSVC - ok
19:48:39.0343 0x0820  wercplsupport - ok
19:48:39.0350 0x0820  WerSvc - ok
19:48:39.0357 0x0820  WFPLWFS - ok
19:48:39.0364 0x0820  WiaRpc - ok
19:48:39.0371 0x0820  WIMMount - ok
19:48:39.0378 0x0820  WinDefend - ok
19:48:39.0397 0x0820  WindowsTrustedRT - ok
19:48:39.0404 0x0820  WindowsTrustedRTProxy - ok
19:48:39.0412 0x0820  WinHttpAutoProxySvc - ok
19:48:39.0419 0x0820  WinMad - ok
19:48:39.0429 0x0820  Winmgmt - ok
19:48:39.0436 0x0820  WinRM - ok
19:48:39.0455 0x0820  WINUSB - ok
19:48:39.0462 0x0820  WinVerbs - ok
19:48:39.0470 0x0820  WlanSvc - ok
19:48:39.0477 0x0820  wlidsvc - ok
19:48:39.0484 0x0820  WmiAcpi - ok
19:48:39.0497 0x0820  wmiApSrv - ok
19:48:39.0504 0x0820  WMPNetworkSvc - ok
19:48:39.0516 0x0820  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:48:39.0531 0x0820  Wof - ok
19:48:39.0545 0x0820  workfolderssvc - ok
19:48:39.0552 0x0820  wpcfltr - ok
19:48:39.0559 0x0820  WPDBusEnum - ok
19:48:39.0566 0x0820  WpdUpFltr - ok
19:48:39.0574 0x0820  WpnService - ok
19:48:39.0582 0x0820  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
19:48:39.0591 0x0820  WPRO_41_2001 - ok
19:48:39.0598 0x0820  ws2ifsl - ok
19:48:39.0613 0x0820  [ 69671F82C17650612B68519ADA192F65, 282A0B8E5455DEEAE8AFED270A438F67463324C1B2A11369A7D3B0D47987EE53 ] WsAppService    C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
19:48:39.0625 0x0820  WsAppService - detected UnsignedFile.Multi.Generic ( 1 )
19:48:39.0662 0x0820  Detect skipped due to KSN trusted
19:48:39.0662 0x0820  WsAppService - ok
19:48:39.0670 0x0820  wscsvc - ok
19:48:39.0677 0x0820  WSDPrintDevice - ok
19:48:39.0688 0x0820  [ 41B8BD5F7E665710E4E3FA4C5CE0FDC8, 653F215F741B33F1E43FAA520F3F20DDD9A65721EADE68B196E382F877EB5359 ] WsDrvInst       C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe
19:48:39.0698 0x0820  WsDrvInst - ok
19:48:39.0706 0x0820  WSDScan - ok
19:48:39.0713 0x0820  WSearch - ok
19:48:39.0727 0x0820  WSService - ok
19:48:39.0734 0x0820  wuauserv - ok
19:48:39.0742 0x0820  WudfPf - ok
19:48:39.0749 0x0820  WUDFRd - ok
19:48:39.0757 0x0820  wudfsvc - ok
19:48:39.0764 0x0820  WUDFWpdFs - ok
19:48:39.0771 0x0820  WUDFWpdMtp - ok
19:48:39.0779 0x0820  WwanSvc - ok
19:48:39.0787 0x0820  XblAuthManager - ok
19:48:39.0794 0x0820  XblGameSave - ok
19:48:39.0802 0x0820  xboxgip - ok
19:48:39.0809 0x0820  XboxNetApiSvc - ok
19:48:39.0817 0x0820  xinputhid - ok
19:48:39.0831 0x0820  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\WINDOWS\system32\DRIVERS\xusb21.sys
19:48:39.0841 0x0820  xusb21 - ok
19:48:39.0842 0x0820  ================ Scan global ===============================
19:48:39.0849 0x0820  [ Global ] - ok
19:48:39.0850 0x0820  ================ Scan MBR ==================================
19:48:39.0872 0x0820  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:48:39.0943 0x0820  \Device\Harddisk0\DR0 - ok
19:48:39.0944 0x0820  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:48:39.0983 0x0820  \Device\Harddisk1\DR1 - ok
19:48:39.0984 0x0820  ================ Scan VBR ==================================
19:48:39.0985 0x0820  [ 52229DCFF00A9CB9FADFFE2BBC89B527 ] \Device\Harddisk0\DR0\Partition1
19:48:39.0986 0x0820  \Device\Harddisk0\DR0\Partition1 - ok
19:48:39.0987 0x0820  [ C0D3076AF00DB06B3724EC0B6D7444A2 ] \Device\Harddisk1\DR1\Partition1
19:48:39.0988 0x0820  \Device\Harddisk1\DR1\Partition1 - ok
19:48:39.0990 0x0820  [ 979C122A32EC148AB1FDA57C7C389A01 ] \Device\Harddisk1\DR1\Partition2
19:48:39.0991 0x0820  \Device\Harddisk1\DR1\Partition2 - ok
19:48:39.0991 0x0820  ================ Scan generic autorun ======================
19:48:40.0208 0x0820  [ C584AF9EB11C90469DE2747BE583EB01, B7F149F48CAEB3230469CF078841C6B31BD4EDEF9CDB295AF53B8B69ED50824F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:48:40.0476 0x0820  RTHDVCPL - ok
19:48:40.0507 0x0820  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
19:48:40.0531 0x0820  XboxStat - ok
19:48:40.0542 0x0820  [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
19:48:40.0558 0x0820  AdobeAAMUpdater-1.0 - ok
19:48:40.0564 0x0820  [ 747CEF68DA0B3BABD64B74C0E06C050E, C640AF94F66025E8B9937A37A361547580DB3F0B5F62F21E8B30A087BE018015 ] C:\Program Files\iTunes\iTunesHelper.exe
19:48:40.0576 0x0820  iTunesHelper - ok
19:48:40.0578 0x0820  Logitech Download Assistant - ok
19:48:40.0665 0x0820  [ 6B34B34C61D69D9B7B7A46B364C9FC47, 43E9BC13021399EA859A04DC9824C195C984D8037842747834858194B84D14F6 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
19:48:40.0779 0x0820  StartCN - ok
19:48:40.0799 0x0820  [ 50B4BD30A102B5E7BFAEB87629C94466, A6AA1097A77F5AA84111F98C84E51B7219B893308E16D909D8915AB46C6E71EE ] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
19:48:40.0817 0x0820  LexwareInfoService - ok
19:48:40.0912 0x0820  [ A8D9ADD3A366F7E475304EDC9FB382A8, 6589C37AA6A5159BC4EF8988719E124A179991E7D2DADD755713E86DB04686B9 ] C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe
19:48:40.0999 0x0820  Bonus.SSR.FR12 - detected UnsignedFile.Multi.Generic ( 1 )
19:48:41.0037 0x0820  Detect skipped due to KSN trusted
19:48:41.0037 0x0820  Bonus.SSR.FR12 - ok
19:48:41.0104 0x0820  [ 1A774CBE54318A3411539BA10D47BEF5, 99CDBD90429FCAFA1C814E49EFF1160E8DC7D43B8F82E8AC33116BE7D42DBA9B ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
19:48:41.0160 0x0820  Malwarebytes Anti-Exploit - ok
19:48:41.0252 0x0820  [ 6F5C9785C05D23DABE407653C12B8A05, 3EC2AACE39D47BC3C34CC8F53DA652A5FFE3A09304AB77AFCF17D4E5CC10F82E ] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe
19:48:41.0317 0x0820  ISUSPM - ok
19:48:41.0404 0x0820  [ C43B7F065407BB18FC359AA4FB436DB5, B4B0C83810A2A4472F89D0135CDFE85BC15AAB0216414502B7EFC7E1313B648D ] C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
19:48:41.0494 0x0820  OmniPage Preload - ok
19:48:41.0521 0x0820  [ 130924FEDB988C2E01A33E8B2C9CD588, BA0634A5A590A027D1562F5EA6B0B977C9E39CDA601B50790A8EE6098D5E82E6 ] C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
19:48:41.0535 0x0820  Nuance OmniPage Ultimate-reminder - ok
19:48:41.0561 0x0820  [ F44FD5B2D864BB57061B7F667980D17A, 2E3081AC8B9EC1435EB7A0B4A830C1EB25F5212C9776C10DC7284C1ED94199ED ] C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe
19:48:41.0594 0x0820  PDFCreHook - ok
19:48:41.0601 0x0820  [ 28B8ECAE3A212BC442C89ED32F28740C, 3A6CD16F56702FE8407C2E124FD4668A488D89C894E4B9E34E03AF036DEAAD60 ] C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe
19:48:41.0612 0x0820  PDF8 Registry Controller - ok
19:48:41.0642 0x0820  [ 53C3DFF8527E91787533D3FAF38D0A93, 9AD1FCB61F6DB4FE7F33799414465E65E07A40410C24992F7C9B779557468C25 ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
19:48:41.0679 0x0820  Acrobat Assistant 8.0 - ok
19:48:41.0796 0x0820  OneDriveSetup - ok
19:48:41.0797 0x0820  OneDriveSetup - ok
19:48:41.0828 0x0820  [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\NABIL\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:48:41.0853 0x0820  OneDrive - ok
19:48:42.0046 0x0820  [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
19:48:42.0196 0x0820  DAEMON Tools Lite Automount - ok
19:48:42.0205 0x0820  Skype - ok
19:48:42.0207 0x0820  Speech Recognition - ok
19:48:42.0249 0x0820  [ 5EC5BE9EE2702B3B574BE7AD975590BC, 21DB2BCFEA9DC10CF0AD80CC737C438ABC79BA671A79F3C152BC679EB63E6BCD ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
19:48:42.0287 0x0820  Adobe Acrobat Synchronizer - ok
19:48:42.0315 0x0820  [ F7BF95877017F53DDAEBC4E87A309168, F7849DBC61E5E7C42B97D011364ADC7C20257994FECBFA988C8CB2E779392F80 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
19:48:42.0330 0x0820  iCloudServices - ok
19:48:42.0384 0x0820  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\asd\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:48:42.0412 0x0820  OneDrive - ok
19:48:42.0547 0x0820  [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
19:48:42.0615 0x0820  DAEMON Tools Lite Automount - ok
19:48:42.0665 0x0820  [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] C:\Program Files (x86)\Steam\steam.exe
19:48:42.0718 0x0820  Steam - ok
19:48:42.0764 0x0820  [ 5EC5BE9EE2702B3B574BE7AD975590BC, 21DB2BCFEA9DC10CF0AD80CC737C438ABC79BA671A79F3C152BC679EB63E6BCD ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
19:48:42.0783 0x0820  Adobe Acrobat Synchronizer - ok
19:48:42.0857 0x0820  Uninstall C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64 - ok
19:48:42.0861 0x0820  Uninstall C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1 - ok
19:48:42.0941 0x0820  OneDriveSetup - ok
19:48:42.0953 0x0820  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\bazet\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:48:42.0974 0x0820  OneDrive - ok
19:48:42.0975 0x0820  WAB Migrate - ok
19:48:42.0976 0x0820  OneDriveSetup - ok
19:48:42.0994 0x0820  [ EFC73875D6A2DECAD030633A9A75F00A, AA7B65649B37FFC68A6FFB23CBBE73E1BB873C840B9EA0049421D2B4C0EC364F ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE
19:48:43.0008 0x0820  EPLTarget\P0000000000000000 - ok
19:48:43.0009 0x0820  WAB Migrate - ok
19:48:43.0011 0x0820  OneDriveSetup - ok
19:48:43.0011 0x0820  WAB Migrate - ok
19:48:43.0012 0x0820  Waiting for KSN requests completion. In queue: 91
19:48:44.0030 0x0820  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe ( 9.0.0.4668 ), 0x40010 ( disabled : outofdate )
19:48:44.0033 0x0820  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x61100 ( enabled : updated )
19:48:44.0036 0x0820  Win FW state via NFP2: enabled ( trusted )
19:48:44.0127 0x0820  ============================================================
19:48:44.0127 0x0820  Scan finished
19:48:44.0127 0x0820  ============================================================
19:48:44.0131 0x323c  Detected object count: 0
19:48:44.0131 0x323c  Actual detected object count: 0

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von NABIL (Administrator) auf NABIL-PC (11-09-2016 20:02:25)
Gestartet von C:\Users\NABIL\Downloads
Geladene Profile: NABIL (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Windows\KMS-R@1n.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10_64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFCreate8\PdfCreate8Hook.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Valve Corporation) M:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(AO Kaspersky Lab) C:\Users\NABIL\Downloads\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\NABIL\AppData\Local\Temp\{D0F90BAE-133B-4DA8-A184-20208F6568FD}\{061B3142-B031-4678-A94D-628B6536EFD0}.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2014-09-22] (ABBYY Production LLC.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [3021528 2014-11-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => "C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage Ultimate\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe [1109016 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe [189976 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-08-08] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-04-06]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-02-23]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{281f7690-3078-4910-b67d-7743d4eb2a9a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-225648569-1694930765-1264359465-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-30] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-03-18] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-225648569-1694930765-1264359465-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [nicht gefunden]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-01]

Chrome: 
=======
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-01]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fancjlijdfajbmighlldmgmeobfmempn [2015-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-19] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-27] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-08-08] (Gladinet, INC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [124168 2016-01-19] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-12-22] (Advanced Micro Devices)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-10] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [531424 2015-12-22] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-08] (REALiX(tm))
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-22] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-04-30] ()
U4 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:40 - 2016-09-11 19:49 - 00099796 _____ C:\TDSSKiller.3.1.0.11_11.09.2016_19.40.39_log.txt
2016-09-11 19:40 - 2016-09-11 19:40 - 04747704 _____ (AO Kaspersky Lab) C:\Users\NABIL\Downloads\tdsskiller.exe
2016-09-11 19:40 - 2016-09-11 19:40 - 00250064 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\34425297.sys
2016-09-11 19:37 - 2016-09-11 20:02 - 00032855 _____ C:\Users\NABIL\Downloads\FRST.txt
2016-09-11 19:37 - 2016-09-11 20:02 - 00000000 ____D C:\FRST
2016-09-11 19:37 - 2016-09-11 19:39 - 00074242 _____ C:\Users\NABIL\Downloads\Addition.txt
2016-09-11 19:36 - 2016-09-11 19:36 - 02397696 _____ (Farbar) C:\Users\NABIL\Downloads\FRST64.exe
2016-09-04 20:53 - 2016-09-04 20:53 - 00005208 _____ C:\Users\NABIL\Downloads\relink.to__Rampage_2009_German_DTS_DL_1080p_BluRay_x264_-_SoW_158023ecdb764581577579d64a4c06.dlc
2016-09-04 20:19 - 2016-09-04 20:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-09-04 20:19 - 2016-08-26 09:18 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 24414760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 24323312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 17377488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 10534696 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06947183 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-09-04 20:19 - 2016-08-26 09:18 - 06374320 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05341352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05293064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-09-04 20:19 - 2016-08-26 09:18 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03134720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-09-04 20:19 - 2016-08-26 09:18 - 02825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02776224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02439048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01920820 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01607136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01186840 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01115144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01001800 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00864344 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00858200 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00854032 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00725944 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00571376 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00498648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00438696 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00372744 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00005604 _____ C:\WINDOWS\system32\cxapo.lncs
2016-09-04 20:19 - 2016-08-26 09:18 - 00000736 _____ C:\WINDOWS\system32\cxapo.prop
2016-09-04 20:13 - 2016-04-11 13:38 - 02838232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-09-04 20:04 - 2016-09-04 20:08 - 348623152 _____ C:\Users\NABIL\Downloads\7917_PG448_Win10_TH_RS_Win8.1_Win8_Win7_WHQL.zip
2016-09-04 20:03 - 2016-09-04 20:03 - 01474568 _____ C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
2016-09-04 20:02 - 2016-09-04 20:09 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\NABIL\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-08-21 20:23 - 2016-08-21 20:23 - 00000219 _____ C:\Users\NABIL\Desktop\Counter-Strike Global Offensive.url
2016-08-15 21:49 - 2016-08-15 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-14 20:54 - 2016-08-14 20:54 - 00110244 _____ C:\WINDOWS\Minidump\081416-17609-01.dmp
2016-08-14 17:29 - 2016-08-14 17:29 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-14 17:28 - 2016-09-04 20:20 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:42 - 2015-08-27 14:42 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 19:42 - 2015-08-27 14:42 - 00000725 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 19:36 - 2015-07-26 23:01 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\TS3Client
2016-09-11 19:32 - 2013-10-25 18:03 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 19:16 - 2013-10-19 03:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-11 18:40 - 2013-10-08 21:23 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\vlc
2016-09-11 12:32 - 2013-10-25 18:03 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 10:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-10 14:30 - 2016-02-23 01:50 - 00000000 ____D C:\Users\NABIL\AppData\Local\gladinet
2016-09-10 14:28 - 2014-04-17 17:43 - 00000000 ____D C:\ProgramData\TEMP
2016-09-10 14:27 - 2016-01-03 17:42 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\Skype
2016-09-10 14:10 - 2016-02-21 13:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 14:10 - 2014-03-19 17:30 - 00000000 ____D C:\Users\NABIL\AppData\Local\JDownloader 2.0
2016-09-09 14:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 20:38 - 2015-11-08 01:18 - 00003978 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1446938337
2016-09-08 20:38 - 2015-11-08 01:18 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-08 20:38 - 2015-11-08 01:18 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-08 02:29 - 2016-01-27 18:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-04 20:27 - 2016-04-30 07:23 - 02089750 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-04 20:27 - 2016-02-13 18:59 - 00889234 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-04 20:27 - 2016-02-13 18:59 - 00197816 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-04 20:27 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 20:23 - 2013-11-12 22:14 - 00000000 ____D C:\ProgramData\AMD
2016-09-04 20:22 - 2014-11-08 04:57 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-09-04 20:21 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-04 20:20 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-04 20:20 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-04 20:20 - 2013-10-05 03:00 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-09-04 20:19 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-09-04 19:59 - 2015-07-26 23:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-09-01 09:14 - 2016-06-17 22:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-01 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 03:00 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-31 16:00 - 2016-04-30 07:23 - 00000000 ____D C:\Users\NABIL
2016-08-24 14:11 - 2016-06-05 19:08 - 00000000 ____D C:\Users\NABIL\Desktop\absagen vom 05.06.16
2016-08-24 13:47 - 2013-11-06 21:41 - 00000000 ____D C:\Users\NABIL\AppData\Local\Packages
2016-08-24 00:26 - 2013-10-25 16:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-15 21:49 - 2015-11-10 09:46 - 00002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-15 21:49 - 2015-11-10 09:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-15 10:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-14 22:47 - 2013-10-07 15:17 - 00000000 ____D C:\Users\NABIL\AppData\Local\ElevatedDiagnostics
2016-08-14 20:54 - 2016-07-27 17:51 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-14 17:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-14 17:28 - 2016-04-30 07:22 - 00000000 ____D C:\Program Files\AMD
2016-08-14 17:28 - 2014-05-28 01:55 - 00000000 ____D C:\AMD
2016-08-12 01:07 - 2016-04-23 00:56 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-12 01:06 - 2016-04-23 00:56 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-03-01 04:43 - 2015-03-01 05:31 - 14848000 _____ () C:\Users\NABIL\AppData\Roaming\Sandra.mdb
2016-04-30 07:22 - 2016-04-30 07:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\asd\AppData\Local\Temp\proxy_vole2008580591415989544.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole5313419656434273934.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole6505369171543915562.dll
C:\Users\NABIL\AppData\Local\Temp\i4jdel0.exe
C:\Users\NABIL\AppData\Local\Temp\MSETUP4.EXE
C:\Users\NABIL\AppData\Local\Temp\proxy_vole5631846365696866387.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole571332217995924973.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole576922321117719755.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-09 20:18

==================== Ende von FRST.txt ============================

Ich hab das Programm deinstalliert was muss ich jetzt tun?

M-K-D-B · 12.09.2016, 15:41

Servus,

bitte beachten:

Zitat:

Gestartet von C:\Users\NABIL\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

nabil21 · 12.09.2016, 21:03

Code:

ATTFilter

# AdwCleaner v6.010 - Bericht erstellt am 12/09/2016 um 22:04:20
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-12.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : NABIL - NABIL-PC
# Gestartet von : C:\Users\NABIL\Desktop\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_advancedpccare.com_0.localstorage
[#] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[#] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Schlüssel gelöscht: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\OCS
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-225648569-1694930765-1264359465-1000\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\f


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2517 Bytes] - [12/09/2016 22:04:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [2739 Bytes] - [12/09/2016 22:03:37]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2663 Bytes] ##########

VON MBAM

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.09.2016
Suchlaufzeit: 22:12
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.12.09
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: NABIL

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 518198
Abgelaufene Zeit: 8 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 5
PUP.Optional.DownloadGuide, C:\ProgramData\Package Cache\{AC60B176-6C90-41D1-977C-EE75BFDB6CFC}v1.0.0.0\free-driver-scout_Setup_product-website_de-DE_x64.msi, In Quarantäne, [72d782ef0a9039fdd5c954759b69768a], 
CrackTool.Agent.X, C:\Users\asd\AppData\Local\Temp\Rar$EXa0.704\AcrobatDC1501620041\ADOBE_ACROBAT_PRO_DC_V2015_MULTI-XFORCE.rar, In Quarantäne, [cd7c066bc4d666d0ffe355e712efed13], 
HackTool.Agent.KMS, C:\Windows\KMS-QADhook.dll, Löschen bei Neustart, [ba8fd69b009a47ef542975d908fae818], 
PUP.Optional.DownloadGuide, C:\Windows\Installer\4587d55.msi, In Quarantäne, [fb4ebeb3aaf069cda1fd37929c6821df], 
PUP.Optional.DownloadGuide, C:\Windows\Installer\{AC60B176-6C90-41D1-977C-EE75BFDB6CFC}\ProductIcon.exe, In Quarantäne, [a4a5244d4852d95dafef56733cc8a35d], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 13.09.2016, 15:18

Servus,

gut gemacht.

Es fehlt noch die Logdatei von JRT und die zwei von FRST.

13.09.2016, 15:18	#8
M-K-D-B /// TB-Ausbilder	Laptop/Rechner bootet und arbeitet langsam.. Servus, gut gemacht. Es fehlt noch die Logdatei von JRT und die zwei von FRST.

Laptop/Rechner bootet und arbeitet langsam..

Plagegeister aller Art und deren Bekämpfung: Laptop/Rechner bootet und arbeitet langsam..