Hey, this thing is annoying :-)
Hope someone can help.
The requested logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015
Ran by webst (administrator) on RECHTS-PC on 11-07-2015 00:09:24
Running from C:\Users\webst\Desktop
Loaded Profiles: webst (Available Profiles: webst & Joerg)
Platform: Windows 8.1 Pro (X64) OS Language: Englisch (Großbritannien)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(ABBYY) C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\EASEUS\Todo Backup\bin\TodoBackupService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(J3S GmbH) C:\Program Files (x86)\COMPUTER BILD Account-Alarm\COMPUTER BILD Account-Alarm.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Deutsche Telekom AG) C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(J3S GmbH) C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\Bin\COMPUTERBILD-Abzockschutz.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\EaseUS Partition Master 10.0\bin\EpmNews.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [380544 2012-06-28] (Alcor Micro Corp.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-04-06] (Bitdefender)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-04-15] (J3S GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe [100864 2014-02-25] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe [17408 2014-02-25] (Steganos Software GmbH)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-06-23] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [8088488 2014-05-14] (SlySoft, Inc.)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [GoogleRadar] => C:\Program Files (x86)\GoogleClean\GoogleRadar.exe [1540096 2014-06-17] ()
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [COMPUTER BILD Account-Alarm] => C:\Program Files (x86)\COMPUTER BILD Account-Alarm\COMPUTER BILD Account-Alarm.exe [2058752 2014-08-07] (J3S GmbH)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-25] (Bitdefender)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [SAFE14 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe [70144 2014-02-25] (Steganos Software GmbH)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Run: [GoogleChromeAutoLaunch_1F44CB0EF79C5A00329816E6692A365E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-07] (Google Inc.)
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\MountPoints2: {5585cfe9-9a0e-11e3-811a-002522baf411} - "K:\setup.exe"
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\MountPoints2: {9bf800cc-4643-11e3-807a-806e6f6e6963} - "F:\zdata\cobi.exe"
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\...\MountPoints2: {b3611562-311c-11e4-823d-002522baf411} - "D:\zdata\cobi.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2014-11-30]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\webst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms [2013-12-21] ()
Startup: C:\Users\webst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2013-10-30]
ShortcutTarget: Mediencenter.lnk -> C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [01Mediencenter_InSync] -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2013-10-01] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [02Mediencenter_ToSync] -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2013-10-01] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [03Mediencenter_Failed] -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => C:\Users\webst\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2013-10-01] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3858550174-89373323-3384911765-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50131;https=127.0.0.1:50131
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKU\S-1-5-21-3858550174-89373323-3384911765-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> D3DFC7F3C04E40DBA16BBBB3D4EE9F74 URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20] (IvoSoft)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-25] (Bitdefender)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\WINDOWS\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06] (DivX, LLC)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-27] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-27] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKU\S-1-5-21-3858550174-89373323-3384911765-1001 -> No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{A1B19695-79E8-4F6B-950F-271E91094527}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A1B19695-79E8-4F6B-950F-271E91094527}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{AD9A15D4-3B70-42BD-9897-2085400DBD1B}: [DhcpNameServer] 192.168.192.1
FireFox:
========
FF ProfilePath: C:\Users\webst\AppData\Roaming\Mozilla\Firefox\Profiles\uwdjitzd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-08] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-08] ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-05-06] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-22]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-21]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
Chrome:
=======
CHR Profile: C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-23]
CHR Extension: (Adblock Plus) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-13]
CHR Extension: (Google Search) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-01-21]
CHR Extension: (Google Sheets) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-23]
CHR Extension: (AdBlock) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Top Eleven) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn [2014-11-23]
CHR Extension: (No Name) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lplgmijfnicgfhoccpjcbkidkkcaiapo [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-23]
CHR Extension: (Gmail) - C:\Users\webst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-23]
CHR HKU\S-1-5-21-3858550174-89373323-3384911765-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [397176 2012-08-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-08-16] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2281248 2014-10-07] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 MediaCenterControl; C:\Program Files (x86)\Media Center Control\MCC Service.exe [337408 2014-01-07] (Markus Gehlhaar) [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-10-20] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [10240 2014-10-29] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-12] (TuneUp Software)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [885576 2013-05-23] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-05-23] (PacketVideo)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S4 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-04-06] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-10-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S4 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-02-25] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-25] (BitDefender)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-02-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [74616 2012-08-16] (BlueStack Systems)
R2 DRHARD64; C:\WINDOWS\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\WINDOWS\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\WINDOWS\system32\drivers\DRHMSR64.sys [13760 2013-07-21] ()
R2 DRHMSR64; C:\WINDOWS\SysWOW64\drivers\DRHMSR64.sys [13760 2013-07-21] ()
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-01-31] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-20] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-09-05] (G Data Software AG)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-04-06] (BitDefender LLC)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [43832 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-10-20] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC)
R1 SLEE_18_DRIVER; C:\WINDOWS\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-31] (Duplex Secure Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\system32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 EUBAKUP0; \??\C:\WINDOWS\system32\drivers\EUBAKUP0.sys [X]
S3 EUBKMON0; \??\C:\WINDOWS\system32\drivers\EUBKMON0.sys [X]
S3 EUFDDISK0; \??\C:\WINDOWS\system32\drivers\EUFDDISK0.sys [X]
U3 idsvc; No ImagePath
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-11 00:09 - 2015-07-11 00:10 - 00036226 _____ C:\Users\webst\Desktop\FRST.txt
2015-07-11 00:09 - 2015-07-11 00:09 - 00000000 ____D C:\FRST
2015-07-11 00:07 - 2015-07-11 00:07 - 02112512 _____ (Farbar) C:\Users\webst\Downloads\FRST64.exe
2015-07-11 00:07 - 2015-07-11 00:07 - 02112512 _____ (Farbar) C:\Users\webst\Desktop\FRST64.exe
2015-07-10 23:54 - 2015-07-10 23:54 - 00000662 _____ C:\Users\webst\Desktop\defogger_disable.log
2015-07-10 23:54 - 2015-07-10 23:54 - 00000198 _____ C:\Users\webst\defogger_reenable
2015-07-10 23:53 - 2015-07-10 23:52 - 00050477 _____ C:\Users\webst\Desktop\Defogger.exe
2015-07-10 23:52 - 2015-07-10 23:52 - 00050477 _____ C:\Users\webst\Downloads\Defogger.exe
2015-07-09 23:32 - 2015-07-09 23:32 - 00001064 _____ C:\Users\webst\Desktop\JRT.txt
2015-07-09 22:07 - 2015-07-09 22:07 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-07-09 22:07 - 2015-07-09 22:07 - 00000880 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2015-07-09 22:07 - 2015-07-09 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-07-09 22:07 - 2015-07-09 22:07 - 00000000 ____D C:\Program Files\RogueKiller
2015-07-09 22:06 - 2015-07-09 22:07 - 22640336 _____ (Adlice Software ) C:\Users\webst\Downloads\setup.exe
2015-07-09 20:29 - 2015-07-09 20:29 - 02248704 _____ C:\Users\webst\Desktop\adwcleaner_4.208.exe
2015-07-09 19:46 - 2015-07-09 19:46 - 00000000 ____D C:\Users\webst\Downloads\backups
2015-07-09 19:43 - 2015-07-09 19:43 - 00016285 _____ C:\Users\webst\Downloads\hijackthis.log
2015-07-09 19:40 - 2015-07-09 19:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\webst\Downloads\hijackthis.exe
2015-07-08 23:33 - 2015-07-08 23:33 - 00000000 ____D C:\Users\webst\AppData\Local\CrashDumps
2015-07-08 23:30 - 2015-07-08 23:30 - 00000000 ____D C:\ProgramData\RogueKiller
2015-07-08 23:29 - 2015-07-08 23:29 - 21942344 _____ C:\Users\webst\Desktop\RogueKillerX64.exe
2015-07-08 22:16 - 2015-07-08 22:16 - 02953707 _____ (Malwarebytes Corporation) C:\Users\webst\Desktop\JRT.exe
2015-07-08 22:16 - 2015-07-08 22:16 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-RECHTS-PC-Windows-8.1-Pro-(64-bit).dat
2015-07-08 22:16 - 2015-07-08 22:16 - 00000000 ____D C:\RegBackup
2015-07-08 22:11 - 2015-07-08 22:11 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\webst\Downloads\tdsskiller.exe
2015-07-08 21:53 - 2015-07-08 21:53 - 02244096 _____ C:\Users\webst\Downloads\adwcleaner_4.207.exe
2015-07-08 00:17 - 2014-08-30 19:33 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20150708-001733.backup
2015-07-07 23:15 - 2015-07-07 23:15 - 00001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-07-07 23:15 - 2015-07-07 23:15 - 00001425 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-07-07 23:15 - 2015-07-07 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-07-07 23:15 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-07-07 23:14 - 2015-07-07 23:14 - 01198368 _____ C:\Users\webst\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-07-06 08:17 - 2015-07-06 08:17 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\52CF4773.sys
2015-07-05 17:20 - 2015-07-05 17:20 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\webst\Downloads\UseNeXTSetup_5.64 (1).exe
2015-07-05 17:20 - 2015-07-05 17:20 - 00001885 _____ C:\Users\webst\Desktop\UseNeXT by Tangysoft.lnk
2015-07-03 18:38 - 2015-07-03 18:38 - 00014767 _____ C:\Users\webst\Desktop\bruschatta.odt
2015-07-03 18:01 - 2015-07-03 18:01 - 00419080 _____ C:\WINDOWS\Minidump\070315-22656-01.dmp
2015-07-01 21:48 - 2015-07-03 18:01 - 517986007 _____ C:\WINDOWS\MEMORY.DMP
2015-07-01 21:48 - 2015-07-01 21:48 - 01057104 _____ C:\WINDOWS\Minidump\070115-28281-01.dmp
2015-07-01 19:34 - 2015-07-01 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-06-28 21:37 - 2015-06-28 21:37 - 00001146 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-28 21:36 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-28 21:36 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-28 21:36 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-27 20:14 - 2015-06-27 20:16 - 1549615104 _____ C:\Users\webst\Downloads\linuxmint-17.1-cinnamon-64bit.iso
2015-06-27 18:40 - 2015-06-27 18:40 - 00002093 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-27 18:40 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-27 18:38 - 2015-06-27 18:38 - 00562272 _____ (Oracle Corporation) C:\Users\webst\Downloads\chromeinstall-8u45 (1).exe
2015-06-27 18:38 - 2015-06-27 18:34 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-06-27 18:32 - 2015-06-27 18:32 - 00562272 _____ (Oracle Corporation) C:\Users\webst\Downloads\chromeinstall-8u45.exe
2015-06-25 22:07 - 2015-06-17 11:10 - 42729104 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-25 22:07 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435330.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435330.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00879000 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-25 22:07 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-25 22:07 - 2015-06-17 11:10 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-06-25 21:34 - 2015-06-24 13:36 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-25 21:34 - 2015-06-24 13:36 - 01320120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-25 21:33 - 2015-06-25 21:33 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 21:33 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-25 21:33 - 2015-05-19 05:14 - 00061616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-06-25 21:33 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-20 17:21 - 2015-06-20 17:21 - 00012601 _____ C:\Users\webst\Desktop\nl.odt
2015-06-17 19:07 - 2015-06-17 19:07 - 02633128 _____ C:\Users\webst\Downloads\mediencenter_pc_sync.exe
2015-06-17 19:05 - 2015-06-17 19:05 - 00010480 _____ C:\Users\webst\Desktop\controller.odt
2015-06-14 21:10 - 2015-06-14 21:10 - 00002080 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-06-14 21:10 - 2015-06-14 21:10 - 00002078 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-06-14 21:10 - 2015-06-14 21:10 - 00002068 _____ C:\Users\Public\Desktop\Google Docs.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-11 00:09 - 2014-09-30 16:37 - 02028940 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-11 00:08 - 2014-09-30 16:39 - 00390876 _____ C:\WINDOWS\setupact.log
2015-07-11 00:07 - 2015-05-20 18:02 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-11 00:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-11 00:02 - 2012-11-27 02:16 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3858550174-89373323-3384911765-1001
2015-07-10 23:59 - 2012-11-29 01:07 - 00003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{04AACD24-98CB-4621-B465-62473BB835A0}
2015-07-10 23:58 - 2014-12-08 23:35 - 00000000 ___RD C:\Users\webst\Google Drive
2015-07-10 23:58 - 2014-11-30 20:40 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-07-10 23:58 - 2014-03-01 14:43 - 00000000 __RDO C:\Users\webst\SkyDrive
2015-07-10 23:58 - 2013-10-30 18:53 - 00000000 ___RD C:\Users\webst\Mediencenter
2015-07-10 23:58 - 2013-10-22 06:38 - 00000000 ____D C:\Users\webst\AppData\Local\Deployment
2015-07-10 23:57 - 2015-05-20 18:02 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 23:57 - 2015-05-06 21:35 - 00000298 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job
2015-07-10 23:57 - 2015-02-21 17:16 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-10 23:57 - 2013-10-20 02:51 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-10 23:57 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-10 23:55 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-10 23:54 - 2013-10-20 02:57 - 00000000 ____D C:\Users\webst
2015-07-10 23:20 - 2013-10-30 21:10 - 00000000 ____D C:\AdwCleaner
2015-07-10 23:18 - 2013-09-10 20:11 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-09 21:59 - 2013-10-23 13:47 - 00000000 ____D C:\Users\webst\AppData\Roaming\ClassicShell
2015-07-08 21:18 - 2013-09-10 20:11 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-08 20:36 - 2013-05-15 21:58 - 00002636 _____ C:\WINDOWS\Sandboxie.ini
2015-07-08 20:18 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-07 23:21 - 2013-10-30 19:38 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-07 23:15 - 2013-10-30 19:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-07 23:12 - 2014-11-23 13:45 - 00002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 23:12 - 2014-05-16 18:06 - 00000000 ____D C:\Users\webst\VMLites
2015-07-07 22:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-06 12:41 - 2013-09-30 06:12 - 02419734 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-06 12:41 - 2012-08-02 12:49 - 01153556 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-06 12:41 - 2012-08-02 12:49 - 00273612 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-06 08:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-05 20:21 - 2014-04-14 18:58 - 00000000 ____D C:\Users\webst\AppData\Roaming\UseNeXT
2015-07-05 17:20 - 2014-04-14 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-07-05 17:20 - 2014-04-14 18:58 - 00000000 ____D C:\Program Files (x86)\UseNeXT
2015-07-05 15:53 - 2012-08-07 16:14 - 00000072 _____ C:\Users\Public\LMDebug.log
2015-07-03 18:01 - 2013-10-24 19:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-07-01 23:02 - 2015-04-25 19:19 - 00000000 ____D C:\Users\webst\AppData\Roaming\Usenet.nl
2015-07-01 23:02 - 2012-08-07 20:08 - 00000000 ____D C:\Users\webst\AppData\Roaming\vlc
2015-06-28 21:37 - 2015-02-21 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-06-28 21:37 - 2015-02-21 17:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-06-27 19:56 - 2014-05-08 21:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-27 19:54 - 2012-08-04 22:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-27 18:40 - 2013-12-08 02:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-27 18:40 - 2013-10-20 02:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-27 18:38 - 2015-01-25 14:46 - 00000000 ____D C:\Program Files\Java
2015-06-27 18:38 - 2014-09-06 20:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-27 18:32 - 2014-02-12 16:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-25 22:10 - 2015-05-27 19:04 - 00000000 ____D C:\WINDOWS\LastGood
2015-06-25 22:08 - 2013-10-20 02:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-25 21:34 - 2013-12-08 02:43 - 00001435 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-24 13:36 - 2014-06-03 13:06 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-24 13:36 - 2014-06-03 13:06 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-17 08:48 - 2015-05-27 19:07 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 06873232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 03492168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-17 08:48 - 2013-10-20 02:51 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-17 08:48 - 2013-10-20 02:51 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-14 21:10 - 2014-12-08 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
==================== Files in the root of some directories =======
2014-09-10 12:14 - 2014-02-19 16:04 - 1383399 _____ () C:\Users\webst\AppData\Roaming\Ansichten.pdf
2014-08-31 18:51 - 2014-08-31 18:51 - 0000000 _____ () C:\Users\webst\AppData\Roaming\gdfw.log
2014-08-31 18:50 - 2014-09-05 18:49 - 0001755 _____ () C:\Users\webst\AppData\Roaming\gdscan.log
2014-10-18 18:41 - 2014-10-18 18:42 - 0001916 _____ () C:\Users\webst\AppData\Roaming\MyMicroBalanceConfig.ini
2014-09-10 12:14 - 2014-02-19 13:34 - 0810221 _____ () C:\Users\webst\AppData\Roaming\Spende.pdf
2013-07-27 00:03 - 2014-03-18 16:35 - 0000081 _____ () C:\Users\webst\AppData\Roaming\WB.CFG
2012-12-03 12:34 - 2012-12-03 14:40 - 0000036 _____ () C:\Users\webst\AppData\Local\housecall.guid.cache
2012-09-23 21:38 - 2012-09-23 21:38 - 0000236 _____ () C:\Users\webst\AppData\Local\LaunchHomeCenter.log
2015-03-12 03:14 - 2015-03-12 03:14 - 0001558 _____ () C:\Users\webst\AppData\Local\recently-used.xbel
2012-11-27 03:53 - 2012-11-27 03:53 - 0000017 _____ () C:\Users\webst\AppData\Local\resmon.resmoncfg
2012-08-02 13:33 - 2012-08-02 13:33 - 0017408 _____ () C:\Users\webst\AppData\Local\WebpageIcons.db
2013-11-19 19:29 - 2013-11-19 19:29 - 0000011 _____ () C:\ProgramData\.tv7
2014-05-27 19:20 - 2014-05-27 19:20 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-02-12 16:45 - 2014-02-12 16:45 - 0000038 _____ () C:\ProgramData\InstallerWebUI.ini
Some files in TEMP:
====================
C:\Users\webst\AppData\Local\Temp\dllnt_dump.dll
C:\Users\webst\AppData\Local\Temp\Quarantine.exe
C:\Users\webst\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-09 21:42
==================== End of log ============================