
Pests of all kinds and how to fight them: pum.bad.proxy keeps coming back


 
11.07.2015, 12:22   #1
snuggel123
 
Hey, this thing is annoying :-)

Hope someone can help.
The requested logs:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015
Ran by webst (administrator) on RECHTS-PC on 11-07-2015 00:09:24
Running from C:\Users\webst\Desktop
Loaded Profiles: webst (Available Profiles: webst & Joerg)
Platform: Windows 8.1 Pro (X64) OS Language: Englisch (Großbritannien)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(ABBYY) C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\EASEUS\Todo Backup\bin\TodoBackupService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(J3S GmbH) C:\Program Files (x86)\COMPUTER BILD Account-Alarm\COMPUTER BILD Account-Alarm.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Deutsche Telekom AG) C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(J3S GmbH) C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\Bin\COMPUTERBILD-Abzockschutz.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\EaseUS Partition Master 10.0\bin\EpmNews.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [380544 2012-06-28] (Alcor Micro Corp.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-04-06] (Bitdefender)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-04-15] (J3S GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [100864 2014-02-25] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2014-02-25] (Steganos Software GmbH)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-06-23] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [8088488 2014-05-14] (SlySoft, Inc.)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [GoogleRadar] => C:\Program Files (x86)\GoogleClean\GoogleRadar.exe [1540096 2014-06-17] ()
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [COMPUTER BILD Account-Alarm] => C:\Program Files (x86)\COMPUTER BILD Account-Alarm\COMPUTER BILD Account-Alarm.exe [2058752 2014-08-07] (J3S GmbH)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-25] (Bitdefender)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [70144 2014-02-25] (Steganos Software GmbH)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [GoogleChromeAutoLaunch_1F44CB0EF79C5A00329816E6692A365E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-07] (Google Inc.)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\MountPoints2: {5585cfe9-9a0e-11e3-811a-002522baf411} - "K:\setup.exe" 
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\MountPoints2: {9bf800cc-4643-11e3-807a-806e6f6e6963} - "F:\zdata\cobi.exe" 
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\MountPoints2: {b3611562-311c-11e4-823d-002522baf411} - "D:\zdata\cobi.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2014-11-30]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\webst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms [2013-12-21] ()
Startup: C:\Users\webst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2013-10-30]
ShortcutTarget: Mediencenter.lnk -> C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [01Mediencenter_InSync] -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2013-10-01] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [02Mediencenter_ToSync] -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2013-10-01] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [03Mediencenter_Failed] -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2013-10-01] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3858550174-89373323-3384911765-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50131;https=127.0.0.1:50131
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> D3DFC7F3C04E40DBA16BBBB3D4EE9F74 URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20] (IvoSoft)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-25] (Bitdefender)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\WINDOWS\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06] (DivX, LLC)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-27] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-27] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1	localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{A1B19695-79E8-4F6B-950F-271E91094527}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A1B19695-79E8-4F6B-950F-271E91094527}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{AD9A15D4-3B70-42BD-9897-2085400DBD1B}: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\webst\AppData\Roaming\Mozilla\Firefox\Profiles\uwdjitzd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-08] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-08] ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-05-06] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-22]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-21]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-23]
CHR Extension: (Adblock Plus) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-13]
CHR Extension: (Google Search) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-01-21]
CHR Extension: (Google Sheets) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-23]
CHR Extension: (AdBlock) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Top Eleven) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lplgmijfnicgfhoccpjcbkidkkcaiapo [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-23]
CHR Extension: (Gmail) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-23]
CHR HKU\S-1-5-21-3858550174-89373323-3384911765-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [397176 2012-08-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-08-16] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2281248 2014-10-07] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 MediaCenterControl; C:\Program Files (x86)\Media Center Control\MCC Service.exe [337408 2014-01-07] (Markus Gehlhaar) [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-10-20] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [10240 2014-10-29] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-12] (TuneUp Software)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [885576 2013-05-23] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-05-23] (PacketVideo)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S4 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-04-06] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-10-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S4 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-02-25] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-25] (BitDefender)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-02-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [74616 2012-08-16] (BlueStack Systems)
R2 DRHARD64; C:\WINDOWS\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\WINDOWS\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\WINDOWS\system32\drivers\DRHMSR64.sys [13760 2013-07-21] ()
R2 DRHMSR64; C:\WINDOWS\SysWOW64\drivers\DRHMSR64.sys [13760 2013-07-21] ()
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-01-31] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-20] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-09-05] (G Data Software AG)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-04-06] (BitDefender LLC)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [43832 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-10-20] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC)
R1 SLEE_18_DRIVER; C:\WINDOWS\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-31] (Duplex Secure Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\system32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 EUBAKUP0; \??\C:\WINDOWS\system32\drivers\EUBAKUP0.sys [X]
S3 EUBKMON0; \??\C:\WINDOWS\system32\drivers\EUBKMON0.sys [X]
S3 EUFDDISK0; \??\C:\WINDOWS\system32\drivers\EUFDDISK0.sys [X]
U3 idsvc; No ImagePath
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 00:09 - 2015-07-11 00:10 - 00036226 _____ C:\Users\webst\Desktop\FRST.txt
2015-07-11 00:09 - 2015-07-11 00:09 - 00000000 ____D C:\FRST
2015-07-11 00:07 - 2015-07-11 00:07 - 02112512 _____ (Farbar) C:\Users\webst\Downloads\FRST64.exe
2015-07-11 00:07 - 2015-07-11 00:07 - 02112512 _____ (Farbar) C:\Users\webst\Desktop\FRST64.exe
2015-07-10 23:54 - 2015-07-10 23:54 - 00000662 _____ C:\Users\webst\Desktop\defogger_disable.log
2015-07-10 23:54 - 2015-07-10 23:54 - 00000198 _____ C:\Users\webst\defogger_reenable
2015-07-10 23:53 - 2015-07-10 23:52 - 00050477 _____ C:\Users\webst\Desktop\Defogger.exe
2015-07-10 23:52 - 2015-07-10 23:52 - 00050477 _____ C:\Users\webst\Downloads\Defogger.exe
2015-07-09 23:32 - 2015-07-09 23:32 - 00001064 _____ C:\Users\webst\Desktop\JRT.txt
2015-07-09 22:07 - 2015-07-09 22:07 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-07-09 22:07 - 2015-07-09 22:07 - 00000880 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2015-07-09 22:07 - 2015-07-09 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-07-09 22:07 - 2015-07-09 22:07 - 00000000 ____D C:\Program Files\RogueKiller
2015-07-09 22:06 - 2015-07-09 22:07 - 22640336 _____ (Adlice Software ) C:\Users\webst\Downloads\setup.exe
2015-07-09 20:29 - 2015-07-09 20:29 - 02248704 _____ C:\Users\webst\Desktop\adwcleaner_4.208.exe
2015-07-09 19:46 - 2015-07-09 19:46 - 00000000 ____D C:\Users\webst\Downloads\backups
2015-07-09 19:43 - 2015-07-09 19:43 - 00016285 _____ C:\Users\webst\Downloads\hijackthis.log
2015-07-09 19:40 - 2015-07-09 19:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\webst\Downloads\hijackthis.exe
2015-07-08 23:33 - 2015-07-08 23:33 - 00000000 ____D C:\Users\webst\AppData\Local\CrashDumps
2015-07-08 23:30 - 2015-07-08 23:30 - 00000000 ____D C:\ProgramData\RogueKiller
2015-07-08 23:29 - 2015-07-08 23:29 - 21942344 _____ C:\Users\webst\Desktop\RogueKillerX64.exe
2015-07-08 22:16 - 2015-07-08 22:16 - 02953707 _____ (Malwarebytes Corporation) C:\Users\webst\Desktop\JRT.exe
2015-07-08 22:16 - 2015-07-08 22:16 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-RECHTS-PC-Windows-8.1-Pro-(64-bit).dat
2015-07-08 22:16 - 2015-07-08 22:16 - 00000000 ____D C:\RegBackup
2015-07-08 22:11 - 2015-07-08 22:11 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\webst\Downloads\tdsskiller.exe
2015-07-08 21:53 - 2015-07-08 21:53 - 02244096 _____ C:\Users\webst\Downloads\adwcleaner_4.207.exe
2015-07-08 00:17 - 2014-08-30 19:33 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20150708-001733.backup
2015-07-07 23:15 - 2015-07-07 23:15 - 00001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-07-07 23:15 - 2015-07-07 23:15 - 00001425 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-07-07 23:15 - 2015-07-07 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-07-07 23:15 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-07-07 23:14 - 2015-07-07 23:14 - 01198368 _____ C:\Users\webst\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-07-06 08:17 - 2015-07-06 08:17 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\52CF4773.sys
2015-07-05 17:20 - 2015-07-05 17:20 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\webst\Downloads\UseNeXTSetup_5.64 (1).exe
2015-07-05 17:20 - 2015-07-05 17:20 - 00001885 _____ C:\Users\webst\Desktop\UseNeXT by Tangysoft.lnk
2015-07-03 18:38 - 2015-07-03 18:38 - 00014767 _____ C:\Users\webst\Desktop\bruschatta.odt
2015-07-03 18:01 - 2015-07-03 18:01 - 00419080 _____ C:\WINDOWS\Minidump\070315-22656-01.dmp
2015-07-01 21:48 - 2015-07-03 18:01 - 517986007 _____ C:\WINDOWS\MEMORY.DMP
2015-07-01 21:48 - 2015-07-01 21:48 - 01057104 _____ C:\WINDOWS\Minidump\070115-28281-01.dmp
2015-07-01 19:34 - 2015-07-01 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-06-28 21:37 - 2015-06-28 21:37 - 00001146 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-28 21:36 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-28 21:36 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-28 21:36 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-27 20:14 - 2015-06-27 20:16 - 1549615104 _____ C:\Users\webst\Downloads\linuxmint-17.1-cinnamon-64bit.iso
2015-06-27 18:40 - 2015-06-27 18:40 - 00002093 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-27 18:40 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-27 18:38 - 2015-06-27 18:38 - 00562272 _____ (Oracle Corporation) C:\Users\webst\Downloads\chromeinstall-8u45 (1).exe
2015-06-27 18:38 - 2015-06-27 18:34 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-06-27 18:32 - 2015-06-27 18:32 - 00562272 _____ (Oracle Corporation) C:\Users\webst\Downloads\chromeinstall-8u45.exe
2015-06-25 22:07 - 2015-06-17 11:10 - 42729104 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-25 22:07 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435330.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435330.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00879000 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-25 22:07 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-06-25 21:34 - 2015-06-24 13:36 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-25 21:34 - 2015-06-24 13:36 - 01320120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-25 21:33 - 2015-06-25 21:33 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 21:33 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-25 21:33 - 2015-05-19 05:14 - 00061616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-06-25 21:33 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-20 17:21 - 2015-06-20 17:21 - 00012601 _____ C:\Users\webst\Desktop\nl.odt
2015-06-17 19:07 - 2015-06-17 19:07 - 02633128 _____ C:\Users\webst\Downloads\mediencenter_pc_sync.exe
2015-06-17 19:05 - 2015-06-17 19:05 - 00010480 _____ C:\Users\webst\Desktop\controller.odt
2015-06-14 21:10 - 2015-06-14 21:10 - 00002080 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-06-14 21:10 - 2015-06-14 21:10 - 00002078 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-06-14 21:10 - 2015-06-14 21:10 - 00002068 _____ C:\Users\Public\Desktop\Google Docs.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 00:09 - 2014-09-30 16:37 - 02028940 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-11 00:08 - 2014-09-30 16:39 - 00390876 _____ C:\WINDOWS\setupact.log
2015-07-11 00:07 - 2015-05-20 18:02 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-11 00:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-11 00:02 - 2012-11-27 02:16 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3858550174-89373323-3384911765-1001
2015-07-10 23:59 - 2012-11-29 01:07 - 00003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{04AACD24-98CB-4621-B465-62473BB835A0}
2015-07-10 23:58 - 2014-12-08 23:35 - 00000000 ___RD C:\Users\webst\Google Drive
2015-07-10 23:58 - 2014-11-30 20:40 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-07-10 23:58 - 2014-03-01 14:43 - 00000000 __RDO C:\Users\webst\SkyDrive
2015-07-10 23:58 - 2013-10-30 18:53 - 00000000 ___RD C:\Users\webst\Mediencenter
2015-07-10 23:58 - 2013-10-22 06:38 - 00000000 ____D C:\Users\webst\AppData\Local\Deployment
2015-07-10 23:57 - 2015-05-20 18:02 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 23:57 - 2015-05-06 21:35 - 00000298 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job
2015-07-10 23:57 - 2015-02-21 17:16 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-10 23:57 - 2013-10-20 02:51 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-10 23:57 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-10 23:55 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-10 23:54 - 2013-10-20 02:57 - 00000000 ____D C:\Users\webst
2015-07-10 23:20 - 2013-10-30 21:10 - 00000000 ____D C:\AdwCleaner
2015-07-10 23:18 - 2013-09-10 20:11 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-09 21:59 - 2013-10-23 13:47 - 00000000 ____D C:\Users\webst\AppData\Roaming\ClassicShell
2015-07-08 21:18 - 2013-09-10 20:11 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-08 20:36 - 2013-05-15 21:58 - 00002636 _____ C:\WINDOWS\Sandboxie.ini
2015-07-08 20:18 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-07 23:21 - 2013-10-30 19:38 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-07 23:15 - 2013-10-30 19:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-07 23:12 - 2014-11-23 13:45 - 00002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 23:12 - 2014-05-16 18:06 - 00000000 ____D C:\Users\webst\VMLites
2015-07-07 22:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-06 12:41 - 2013-09-30 06:12 - 02419734 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-06 12:41 - 2012-08-02 12:49 - 01153556 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-06 12:41 - 2012-08-02 12:49 - 00273612 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-06 08:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-05 20:21 - 2014-04-14 18:58 - 00000000 ____D C:\Users\webst\AppData\Roaming\UseNeXT
2015-07-05 17:20 - 2014-04-14 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-07-05 17:20 - 2014-04-14 18:58 - 00000000 ____D C:\Program Files (x86)\UseNeXT
2015-07-05 15:53 - 2012-08-07 16:14 - 00000072 _____ C:\Users\Public\LMDebug.log
2015-07-03 18:01 - 2013-10-24 19:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-07-01 23:02 - 2015-04-25 19:19 - 00000000 ____D C:\Users\webst\AppData\Roaming\Usenet.nl
2015-07-01 23:02 - 2012-08-07 20:08 - 00000000 ____D C:\Users\webst\AppData\Roaming\vlc
2015-06-28 21:37 - 2015-02-21 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-28 21:37 - 2015-02-21 17:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-27 19:56 - 2014-05-08 21:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-27 19:54 - 2012-08-04 22:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-27 18:40 - 2013-12-08 02:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-27 18:40 - 2013-10-20 02:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-27 18:38 - 2015-01-25 14:46 - 00000000 ____D C:\Program Files\Java
2015-06-27 18:38 - 2014-09-06 20:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-27 18:32 - 2014-02-12 16:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-25 22:10 - 2015-05-27 19:04 - 00000000 ____D C:\WINDOWS\LastGood
2015-06-25 22:08 - 2013-10-20 02:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-25 21:34 - 2013-12-08 02:43 - 00001435 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-24 13:36 - 2014-06-03 13:06 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-24 13:36 - 2014-06-03 13:06 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-17 08:48 - 2015-05-27 19:07 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 06873232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 03492168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-17 08:48 - 2013-10-20 02:51 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-14 21:10 - 2014-12-08 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

==================== Files in the root of some directories =======

2014-09-10 12:14 - 2014-02-19 16:04 - 1383399 _____ () C:\Users\webst\AppData\Roaming\Ansichten.pdf
2014-08-31 18:51 - 2014-08-31 18:51 - 0000000 _____ () C:\Users\webst\AppData\Roaming\gdfw.log
2014-08-31 18:50 - 2014-09-05 18:49 - 0001755 _____ () C:\Users\webst\AppData\Roaming\gdscan.log
2014-10-18 18:41 - 2014-10-18 18:42 - 0001916 _____ () C:\Users\webst\AppData\Roaming\MyMicroBalanceConfig.ini
2014-09-10 12:14 - 2014-02-19 13:34 - 0810221 _____ () C:\Users\webst\AppData\Roaming\Spende.pdf
2013-07-27 00:03 - 2014-03-18 16:35 - 0000081 _____ () C:\Users\webst\AppData\Roaming\WB.CFG
2012-12-03 12:34 - 2012-12-03 14:40 - 0000036 _____ () C:\Users\webst\AppData\Local\housecall.guid.cache
2012-09-23 21:38 - 2012-09-23 21:38 - 0000236 _____ () C:\Users\webst\AppData\Local\LaunchHomeCenter.log
2015-03-12 03:14 - 2015-03-12 03:14 - 0001558 _____ () C:\Users\webst\AppData\Local\recently-used.xbel
2012-11-27 03:53 - 2012-11-27 03:53 - 0000017 _____ () C:\Users\webst\AppData\Local\resmon.resmoncfg
2012-08-02 13:33 - 2012-08-02 13:33 - 0017408 _____ () C:\Users\webst\AppData\Local\WebpageIcons.db
2013-11-19 19:29 - 2013-11-19 19:29 - 0000011 _____ () C:\ProgramData\.tv7
2014-05-27 19:20 - 2014-05-27 19:20 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-02-12 16:45 - 2014-02-12 16:45 - 0000038 _____ () C:\ProgramData\InstallerWebUI.ini

Some files in TEMP:
====================
C:\Users\webst\AppData\Local\Temp\dllnt_dump.dll
C:\Users\webst\AppData\Local\Temp\Quarantine.exe
C:\Users\webst\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-09 21:42

==================== End of log ============================
         

 
