Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: iolorgdf32 program not found skipping autocheck

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.02.2015, 22:26   #1
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Hallo , seit einiger Zeit bekomme ich ständig beim hochfahrens meines Notebooks "iolorgdf32 program not found skipping autocheck" zu sehen. Normalerweise dauert das Starten des notesbooks bis zum Login ca 10-15 sek. Seit diesem "iolorgdf32 program not found skipping autocheck" bis zu einer Minute. Ich habe bereits unnötige Programme deinstalliert, im Autostart viele Programme deaktiviert. Es hat alles nicht gebracht.

Könntet ihr mir bitte weiterhelfe?

PS: Wenn nötig, kann ich die Addition.txt vom Defogger + FRST.txt + gamer.txt in eine RAR Datei packen und im Anhang stellen.

Ich hoffe ihr könnt mir helfen.

MFG

Alt 19.02.2015, 05:13   #2
schrauber
/// the machine
/// TB-Ausbilder
 

iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 20.02.2015, 12:32   #3
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Ich schaffe es einfach nicht einen CODE TAG zu posten. Ich habe etliche mal auf STRG + C geklickt und dann hier mit STRG V versucht einzufügen.

Ich hoffe dass es auch so klappt, im Anhang.


MFG und sorry
__________________

Alt 21.02.2015, 08:16   #4
schrauber
/// the machine
/// TB-Ausbilder
 

iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Wie oben beschrieben, ich kann keine Anhänge öffnen. Wo hängt es denn?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.02.2015, 17:04   #5
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Veysi (administrator) on ECE-NOTEBOOK on 19-02-2015 16:46:11
Running from F:\Defogger
Loaded Profiles: Veysi (Available profiles: Veysi & Nalin)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\seccenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\nacl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\nacl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-04] (Broadcom Corporation.)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 8\Programmes32\AgentAntidote.exe [1214496 2014-04-17] (Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe [1371680 2014-04-17] (Druide informatique inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-03-13] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM-x32\...\Run: [fst_be_22] => [X]
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [HP Officejet 6500 E710a-f (NET)] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Facebook Update] => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-30] (Facebook Inc.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {1804f4f5-a3c3-11e4-bf31-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {7bbbe2cf-c4c1-11e3-be9f-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {90a48fef-f5a1-11e3-becc-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {aea2b8a0-a6c6-11e3-be91-34238781008e} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: ,c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32:  ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\Users\Nalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Nalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Veysi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Veysi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * autocheck iolorgdf32 C:\Users\Veysi\AppData\Roaming\iolo\
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOn96WxEGKlkIMC0lLRLdgF50Jao9CwDkW4lSW0rU-OdkxFqGSGMqGfNBStiEbpFX7vtNeCZrYWe41WjF6vdLt-FCbUZZ3qlhi7dIE-nz_XJ6TyUj40-tFUs_exhrSaOWZ3y1Qyx7UuLQQ,,&q={searchTerms}
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOn96WxEGKlkIMC0lLRLdgF50Jao9CwDkW4lSW0rU-OdkxFqGSGMqGfNBStiEbpFX7vtNeCZrYWe41WjF6vdLt-FCbUZZ3qlhi7dIE-nz_XJ6TyUj40-tFUs_exhrSaOWZ3y1Qyx7UuLQQ,,&q={searchTerms}
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO: YoutubeAdblocker -> {2EE2E023-961D-09E3-2B6C-234F7FEA5160} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002 -> No Name - {6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} -  No File
Toolbar: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.0.318\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Veysi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: vasco.com/VascoCardReaderPlugin -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll (VASCO Data Security)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: vasco.com/VascoCardReaderPlugin64 -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll (VASCO Data Security)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: AllSuAVeR - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\3p2@n.com [2014-10-23]
FF Extension: Avira Browser Safety - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\abs@avira.com [2015-02-16]
FF Extension: Module d'Antidote - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\antidote7_win_firefox_103@druide.com [2014-07-26]
FF Extension: DownloadHelper - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-01]
FF Extension: Platinum Hide IP - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\support@platinumhideip.com.xpi [2015-01-28]
FF Extension: eID België - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2014-12-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-28]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-17]
CHR Extension: (Google Docs) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-17]
CHR Extension: (Google Drive) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-17]
CHR Extension: (YouTube) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-17]
CHR Extension: (Google Search) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-17]
CHR Extension: (Bitdefender Wallet) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-01-28]
CHR Extension: (Google Sheets) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-17]
CHR Extension: (Avira Browser Safety) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-29]
CHR Extension: (Skype Click to Call) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-28]
CHR Extension: (Google Wallet) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-17]
CHR Extension: (Antidote) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfcgjlglddicjopgimohdcbmabacamll [2014-10-26]
CHR Extension: (Gmail) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - C:\Program Files (x86)\Druide\Antidote 8\Texteurs\GoogleChrome\Installation.Antidote.GoogleChrome.crx [2014-04-17]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - C:\Program Files (x86)\Druide\Antidote 8\Texteurs\GoogleChrome\Installation.Antidote.GoogleChrome.crx [2014-04-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-02-01] (CyberLink)
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-29] (WildTangent)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-05-29] (Intel Corporation)
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1069248 2014-02-06] () [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6099968 2014-11-19] (Broadcom Corporation) [File not signed]
S2 4d349a54; "C:\WINDOWS\system32\rundll32.exe" "c:\progra~2\gs_boo~1\AssistantSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 77869811; C:\Windows\system32\DRIVERS\77869811.sys [460888 2014-04-13] (Kaspersky Lab ZAO)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-10-03] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8469680 2014-02-09] (Broadcom Corporation)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-02-09] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
S1 ifvhgvmq; \??\C:\WINDOWS\system32\drivers\ifvhgvmq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 15:59 - 2015-02-19 15:59 - 00064745 _____ () C:\Users\Veysi\Desktop\FRST.txt
2015-02-18 19:11 - 2015-02-18 19:11 - 00000000 _____ () C:\Users\Veysi\defogger_reenable
2015-02-18 18:53 - 2015-02-18 18:53 - 00000332 _____ () C:\WINDOWS\PFRO.log
2015-02-18 18:50 - 2015-02-19 15:03 - 00001232 _____ () C:\WINDOWS\setupact.log
2015-02-18 18:50 - 2015-02-18 18:50 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-18 18:49 - 2015-02-19 16:04 - 00314837 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-18 18:31 - 2015-02-18 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
2015-02-18 18:30 - 2015-02-18 18:30 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-18 10:08 - 2015-02-18 10:13 - 107799339 _____ () C:\Users\Veysi\Downloads\Turkey.map.part
2015-02-18 10:00 - 2015-02-18 10:03 - 62587439 _____ () C:\Users\Veysi\Downloads\Norway.map
2015-02-18 09:59 - 2015-02-18 09:59 - 02706712 _____ () C:\Users\Veysi\Downloads\Montenegro.map
2015-02-18 09:58 - 2015-02-18 09:58 - 00385233 _____ () C:\Users\Veysi\Downloads\Monaco.map
2015-02-18 09:57 - 2015-02-18 09:57 - 00984659 _____ () C:\Users\Veysi\Downloads\Moldova.map
2015-02-18 09:56 - 2015-02-18 09:56 - 01382155 _____ () C:\Users\Veysi\Downloads\Malta.map
2015-02-18 09:54 - 2015-02-18 09:55 - 03043912 _____ () C:\Users\Veysi\Downloads\Luxemburg.map
2015-02-18 09:53 - 2015-02-18 09:54 - 16203772 _____ () C:\Users\Veysi\Downloads\Lithuania.map
2015-02-18 09:52 - 2015-02-18 09:52 - 00452820 _____ () C:\Users\Veysi\Downloads\Liechtenstein.map
2015-02-18 09:50 - 2015-02-18 09:51 - 22420846 _____ () C:\Users\Veysi\Downloads\Latvia.map
2015-02-18 09:49 - 2015-02-18 09:49 - 02382388 _____ () C:\Users\Veysi\Downloads\Kosovo.map
2015-02-17 23:28 - 2015-02-17 23:28 - 00000000 _____ () C:\Users\Veysi\Desktop\Neues Textdokument.txt
2015-02-17 23:22 - 2015-02-17 23:31 - 00000000 ____D () C:\Users\Veysi\Desktop\IPtv list
2015-02-16 18:57 - 2015-02-18 10:09 - 61118365 _____ () C:\Users\Veysi\Downloads\Netherlands.map
2015-02-16 18:40 - 2015-02-16 18:45 - 17338062 _____ () C:\Users\Veysi\Downloads\Iceland.map
2015-02-16 18:06 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-16 18:06 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-16 18:02 - 2015-02-16 18:02 - 00000000 ____D () C:\WINDOWS\Sun
2015-02-16 18:02 - 2015-02-16 18:01 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-16 17:53 - 2015-02-16 17:53 - 00639400 _____ (Oracle Corporation) C:\Users\Veysi\Downloads\chromeinstall-8u31.exe
2015-02-16 17:06 - 2015-02-16 17:06 - 00001141 _____ () C:\Users\Veysi\Desktop\tv - Verknüpfung.lnk
2015-02-16 10:41 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-16 10:41 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-16 10:41 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-16 10:41 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-16 10:41 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-16 10:41 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-16 10:41 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-16 10:41 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-16 10:41 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-16 10:41 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-16 10:41 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-16 10:41 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-16 10:41 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-16 10:41 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-16 10:41 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-16 10:41 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-16 10:41 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-16 10:41 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-16 10:41 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-16 10:41 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-16 10:41 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-16 10:41 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-16 10:41 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-16 10:41 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-16 10:41 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-16 10:41 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-16 10:41 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-16 10:41 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-16 10:41 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-16 10:41 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-16 10:41 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-16 10:41 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-16 10:41 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-16 10:41 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-16 10:41 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-16 10:41 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-16 10:41 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-16 10:41 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-16 10:41 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-16 10:41 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-16 10:41 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-16 10:41 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-16 10:41 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-16 10:41 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-16 10:41 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-16 10:40 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-16 10:40 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-16 10:40 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-16 10:40 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-16 10:40 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-16 10:39 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-16 10:39 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-16 10:39 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-16 10:39 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-16 10:39 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-16 00:05 - 2015-02-16 17:16 - 00000000 ____D () C:\Users\Veysi\Desktop\iptv
2015-02-12 17:21 - 2015-02-12 18:02 - 211522672 _____ () C:\Users\Veysi\Downloads\Italy.map
2015-02-12 17:20 - 2015-02-12 17:20 - 00699668 _____ () C:\Users\Veysi\Downloads\Isle_of_Man.map
2015-02-12 17:02 - 2015-02-12 17:16 - 73509592 _____ () C:\Users\Veysi\Downloads\Greece.map
2015-02-12 17:01 - 2015-02-12 17:01 - 00317963 _____ () C:\Users\Veysi\Downloads\Gibraltar.map
2015-02-12 14:55 - 2015-02-16 18:51 - 35094852 _____ () C:\Users\Veysi\Downloads\Hungary.map
2015-02-12 14:51 - 2015-02-12 14:51 - 00001412 _____ () C:\Users\Veysi\Downloads\Navigon_Blitzer-ymx5jomej15h.dlc
2015-02-12 14:48 - 2015-02-12 15:34 - 260033132 _____ () C:\Users\Veysi\Downloads\Germany.map
2015-02-12 14:47 - 2015-02-12 14:47 - 05514936 _____ () C:\Users\Veysi\Downloads\FYROM.map
2015-02-12 14:41 - 2015-02-12 14:41 - 00001261 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-02-12 14:26 - 2015-02-12 14:45 - 137278717 _____ () C:\Users\Veysi\Downloads\Finland.map
2015-02-09 22:27 - 2015-02-12 17:00 - 419766690 _____ () C:\Users\Veysi\Downloads\France.map
2015-02-09 22:24 - 2015-02-09 22:26 - 22450476 _____ () C:\Users\Veysi\Downloads\Estonia.map
2015-02-09 22:24 - 2015-02-09 22:24 - 00001357 _____ () C:\Users\Public\Desktop\NAVIGON Fresh.lnk
2015-02-09 22:24 - 2015-02-09 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
2015-02-09 22:23 - 2015-02-09 22:23 - 00000000 ____D () C:\Program Files (x86)\NAVIGON
2015-02-09 22:20 - 2015-02-09 22:23 - 31283796 _____ () C:\Users\Veysi\Downloads\Denmark.map
2015-02-09 22:11 - 2015-02-09 22:19 - 87256687 _____ () C:\Users\Veysi\Downloads\Czech_Republic.map
2015-02-09 22:08 - 2015-02-09 22:10 - 22286143 _____ () C:\Users\Veysi\Downloads\Croatia.map
2015-02-09 22:04 - 2015-02-09 22:07 - 26756343 _____ () C:\Users\Veysi\Downloads\Bulgaria.map
2015-02-09 22:03 - 2015-02-09 22:04 - 11021601 _____ () C:\Users\Veysi\Downloads\Bosnia and Herzegovina.map
2015-02-09 21:58 - 2015-02-09 22:02 - 34780800 _____ () C:\Users\Veysi\Downloads\Belgium.map
2015-02-09 21:58 - 2015-02-09 21:58 - 01387477 _____ () C:\Users\Veysi\Downloads\Belarus.map
2015-02-09 21:51 - 2015-02-09 21:56 - 54251921 _____ () C:\Users\Veysi\Downloads\Austria.map
2015-02-09 21:50 - 2015-02-09 21:50 - 00475559 _____ () C:\Users\Veysi\Downloads\Andorra.map
2015-02-09 21:48 - 2015-02-09 21:51 - 07344230 _____ () C:\Users\Veysi\Downloads\Albania.map
2015-02-09 21:45 - 2015-02-09 21:45 - 00025072 _____ () C:\Users\Veysi\Downloads\Navigon.Maps.Q4.2014_Einzeldownloads_-1hp7hgndw06p.dlc
2015-02-01 03:49 - 2015-02-18 18:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-01 03:41 - 2015-02-01 03:42 - 152439600 _____ (Apple Inc.) C:\Users\Veysi\Downloads\itunes6464setup.exe
2015-01-30 23:45 - 2015-01-30 23:45 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Nero
2015-01-30 23:44 - 2015-01-30 23:44 - 00002929 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2015-01-30 23:41 - 2015-01-30 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-01-30 23:14 - 2015-01-30 23:14 - 00000000 ____D () C:\Users\Veysi\Downloads\Nero Platinum 2015_Vers. 16.0.02900_Multi
2015-01-29 16:33 - 2015-01-29 16:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-01-29 16:33 - 2015-01-29 16:33 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-01-29 16:32 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-01-29 16:32 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434725.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434725.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-01-29 12:53 - 2015-01-29 12:54 - 00000000 ____D () C:\Users\Veysi\Downloads\Bitdefender Safepay
2015-01-29 12:46 - 2015-01-29 12:46 - 00173172 _____ () C:\Users\Veysi\Desktop\horaireslocauxjusquemercrediversionetudiants.xlsx
2015-01-28 12:58 - 2013-12-28 02:13 - 01085344 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2015-01-28 12:37 - 2015-01-28 12:37 - 00079192 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-01-28 12:35 - 2015-01-28 12:35 - 00547816 _____ () C:\ProgramData\1422444577.bdinstall.bin
2015-01-28 12:33 - 2015-01-28 12:33 - 00002217 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
2015-01-28 12:33 - 2015-01-28 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-28 12:33 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\WINDOWS\system32\Drivers\bdsandbox.sys
2015-01-28 12:33 - 2014-10-03 20:11 - 00263032 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-01-28 12:33 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-01-28 12:33 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-01-28 12:33 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\bdfndisf6.sys
2015-01-28 12:33 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-01-28 12:32 - 2015-01-28 12:32 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Bitdefender
2015-01-28 12:29 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-01-28 12:29 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-01-28 02:47 - 2015-01-28 02:47 - 00000000 ____D () C:\Users\Veysi\AppData\Temp
2015-01-28 01:50 - 2015-01-28 01:50 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin32.dll
2015-01-28 01:49 - 2015-01-28 01:49 - 00000385 _____ () C:\Users\Veysi\AppData\Roaminguser_gensett.xml
2015-01-28 01:48 - 2015-01-28 01:48 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2015-01-28 01:48 - 2015-01-28 01:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-01-28 01:47 - 2015-01-28 02:57 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-28 01:47 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\SysWOW64\bdsandboxuiskin32.dll
2015-01-28 01:47 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-01-28 01:43 - 2015-01-28 12:43 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-28 01:43 - 2015-01-28 12:33 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-28 01:43 - 2015-01-28 01:43 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\QuickScan
2015-01-28 01:43 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin.dll
2015-01-28 01:43 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuh.dll
2015-01-28 01:42 - 2015-01-28 12:29 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-28 01:25 - 2015-01-28 01:25 - 00000000 ____D () C:\OETemp
2015-01-28 01:03 - 2015-01-28 01:03 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\PlatinumHideIP
2015-01-28 01:03 - 2015-01-28 01:03 - 00000000 ____D () C:\ProgramData\PlatinumHideIP
2015-01-24 13:40 - 2015-01-24 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-01-24 13:40 - 2015-01-24 13:40 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2015-01-24 13:35 - 2015-01-24 13:35 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Samsung
2015-01-24 13:33 - 2015-01-24 13:33 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2015-01-24 13:33 - 2012-08-28 10:05 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 16:46 - 2014-02-09 15:18 - 00000000 ____D () C:\FRST
2015-02-19 16:33 - 2014-07-30 21:28 - 00000954 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002UA.job
2015-02-19 16:32 - 2014-02-09 01:10 - 00000000 ____D () C:\Users\Veysi\Documents\Fichiers Outlook
2015-02-19 16:03 - 2014-10-17 22:43 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 16:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-19 15:47 - 2014-02-09 01:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-19 15:04 - 2014-02-12 20:52 - 00000000 ___DO () C:\Users\Veysi\SkyDrive
2015-02-19 15:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-19 15:03 - 2014-10-17 22:43 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 15:03 - 2014-10-01 13:25 - 00000502 ____H () C:\WINDOWS\Tasks\GS_Booster-S-576482620.job
2015-02-19 15:03 - 2014-06-20 15:19 - 00000466 ____H () C:\WINDOWS\Tasks\SO_Booster-S-2355932470.job
2015-02-19 15:03 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-19 10:13 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-19 10:12 - 2014-02-13 01:55 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6AFBAFD9-0458-45E7-A5AE-EE747F64DAB5}
2015-02-18 22:33 - 2014-07-30 21:28 - 00000932 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002Core.job
2015-02-18 19:24 - 2014-02-08 22:55 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3086666771-1258200647-2824944347-1002
2015-02-18 19:11 - 2014-02-12 20:26 - 00000000 ____D () C:\Users\Veysi
2015-02-18 18:58 - 2014-02-09 00:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-18 18:57 - 2014-02-09 00:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-18 18:53 - 2014-12-01 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-18 18:44 - 2014-04-19 14:19 - 00495104 ___SH () C:\Users\Veysi\Desktop\Thumbs.db
2015-02-18 18:36 - 2014-02-09 00:44 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\uTorrent
2015-02-18 18:33 - 2014-02-09 01:35 - 00000000 ____D () C:\ProgramData\Apple
2015-02-18 18:31 - 2014-06-29 02:12 - 00000983 _____ () C:\Users\Public\Desktop\DriverEasy.lnk
2015-02-18 10:13 - 2014-02-10 14:00 - 00000000 ____D () C:\Users\Veysi\AppData\Local\JDownloader v2.0
2015-02-17 23:44 - 2014-06-12 22:30 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\vlc
2015-02-17 20:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-16 18:59 - 2014-04-18 22:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-16 18:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-16 18:07 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-16 18:06 - 2014-11-13 14:28 - 00001389 _____ () C:\Users\Public\Desktop\eID Viewer.lnk
2015-02-16 18:05 - 2014-11-13 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2015-02-16 18:05 - 2014-11-13 14:28 - 00000000 ____D () C:\Program Files (x86)\Belgium Identity Card
2015-02-16 18:01 - 2014-02-09 03:17 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-16 15:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-16 14:40 - 2013-08-22 15:44 - 00526168 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-16 11:08 - 2014-02-10 16:22 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-02-16 11:02 - 2013-12-28 02:00 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-16 11:01 - 2014-05-17 08:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-16 10:54 - 2014-02-09 01:52 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-16 10:53 - 2012-07-26 06:26 - 00000297 _____ () C:\WINDOWS\win.ini
2015-02-16 10:51 - 2014-12-11 14:07 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-16 10:51 - 2014-07-10 19:05 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-15 20:15 - 2014-02-08 18:46 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Packages
2015-02-12 14:57 - 2013-11-14 08:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-12 14:57 - 2013-11-14 08:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-12 14:57 - 2013-11-14 08:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-12 14:41 - 2014-11-25 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-12 14:41 - 2014-11-25 16:33 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-12 14:40 - 2014-11-25 16:33 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-12 14:40 - 2014-03-24 16:14 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\DVDVideoSoft
2015-02-11 01:14 - 2014-09-16 12:42 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-11 01:14 - 2014-09-16 12:37 - 00000000 ____D () C:\Users\Veysi\Documents\SelfMV
2015-02-05 14:47 - 2014-02-09 01:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-04 03:43 - 2014-02-09 02:29 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Skype
2015-02-03 20:31 - 2015-01-19 18:43 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2015-01-19 18:43 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 16:39 - 2014-05-31 11:10 - 00182272 ___SH () C:\Users\Veysi\Downloads\Thumbs.db
2015-01-31 00:01 - 2014-02-10 16:30 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Nero
2015-01-30 23:45 - 2014-02-10 16:22 - 00000000 ____D () C:\ProgramData\Nero
2015-01-29 16:41 - 2014-04-26 13:44 - 00000043 ___SH () C:\ProgramData\.zreglib
2015-01-29 16:33 - 2014-03-14 18:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-29 12:57 - 2014-06-25 20:18 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Adobe
2015-01-28 12:59 - 2014-02-09 03:17 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-28 12:58 - 2014-10-17 22:43 - 00004106 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-28 12:58 - 2014-10-17 22:43 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-28 12:58 - 2013-12-28 02:13 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-01-28 12:57 - 2014-11-16 23:48 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-28 12:57 - 2014-11-16 23:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-28 12:57 - 2014-11-16 23:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-28 12:57 - 2014-02-09 03:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-28 12:57 - 2013-12-28 02:13 - 00000000 ____D () C:\Program Files\Java
2015-01-28 11:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2015-01-28 01:59 - 2014-10-23 14:11 - 00000000 ____D () C:\ProgramData\AllSAveer
2015-01-28 01:39 - 2014-10-26 23:50 - 00000000 ____D () C:\ProgramData\Avira
2015-01-28 01:39 - 2014-10-26 23:50 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-27 00:21 - 2014-02-19 19:19 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF8ED63A-6A54-49B7-AE6C-09D3A748C055}
2015-01-27 00:20 - 2014-02-19 19:03 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3086666771-1258200647-2824944347-1003
2015-01-27 00:15 - 2014-02-19 19:06 - 00000000 __RDO () C:\Users\Nalin\SkyDrive
2015-01-24 19:42 - 2014-07-21 03:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-24 19:42 - 2013-12-28 02:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-24 19:39 - 2014-04-18 23:00 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\HTC
2015-01-24 19:39 - 2014-04-18 22:59 - 00000000 ____D () C:\ProgramData\HTC
2015-01-24 19:39 - 2014-04-18 22:54 - 00000000 ____D () C:\Program Files (x86)\HTC
2015-01-24 19:38 - 2014-05-31 11:59 - 00000005 _____ () C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2015-01-24 13:41 - 2014-04-18 22:52 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Downloaded Installations
2015-01-24 13:35 - 2014-07-21 03:50 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Samsung
2015-01-24 13:34 - 2014-07-21 03:49 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-20 17:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2005-04-01 00:11 - 2014-03-20 01:20 - 0968063 ____H () C:\Users\Veysi\AppData\Roaming\cglogs.dat
2014-10-02 13:01 - 2014-10-02 13:01 - 0000037 ___SH () C:\Users\Veysi\AppData\Local\70149b02515b3bb20dd492.47983420
2014-04-11 19:38 - 2014-12-02 15:41 - 0004608 _____ () C:\Users\Veysi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-09 18:17 - 2015-01-17 15:12 - 0007607 _____ () C:\Users\Veysi\AppData\Local\Resmon.ResmonCfg
2014-04-26 13:44 - 2015-01-29 16:41 - 0000043 ___SH () C:\ProgramData\.zreglib
2015-01-28 12:35 - 2015-01-28 12:35 - 0547816 _____ () C:\ProgramData\1422444577.bdinstall.bin
2014-02-09 16:30 - 2014-02-09 16:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-02-12 20:20 - 2014-02-12 20:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Veysi\AppData\Local\Temp\proxy_vole1307677969667595938.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-18 12:38

==================== End Of Log ============================
         
--- --- ---


Alt 21.02.2015, 17:05   #6
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Veysi at 2015-02-19 16:46:36
Running from F:\Defogger
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
AC3File 0.7b (HKLM-x32\...\AC3File_is1) (Version: 0.7b - Alexander Vigovsky)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Antidote 8 (HKLM-x32\...\{09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}) (Version: 8.04.1237 - Druide informatique inc.)
Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Belgium e-ID middleware 4.1.0 (build 1315) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71315}) (Version: 4.1.1315 - Belgian Government)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
DriverEasy 4.9.0 (HKLM\...\DriverEasy_is1) (Version: 4.9.0.0 - Easeware)
Duden Professional (HKLM-x32\...\{CADD1164-F60E-484B-A01C-F5CDE6FD40FD}) (Version: 10.0.0 - Bibliographisches Institut GmbH)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{F28BD099-9FC0-4A03-A605-E069B8D17D47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (HKLM\...\Intel(R) PROSet/Wireless NFC-Software) (Version: 1.1.1.003 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.3.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
KMSpico v9.2.1 Beta (HKLM\...\KMSpico_is1) (Version: 9.2.1 Beta - )
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Professionnel Plus*2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
MyDriveConnect 3.3.0.1812 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
MyFreeCodec (HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MyFreeCodec) (Version:  - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.9200.33045 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{64AEB277-30E8-4C5B-A9D5-66CD8995AF75}) (Version: 8.3.0.08220 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{3A097A28-308D-4C39-809F-C72ED47636E2}) (Version: 1.0.2.08020 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.2.00.07040 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.0.08010 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VASCO Card Reader Plug-In (64-Bit) (Version: 3.2.3.2 - VASCO Data Security) Hidden
VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\{8bc0c044-0d13-4fe6-90c1-af39c36cb927}) (Version: 3.2.3.2 - VASCO Data Security)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows-Treiberpaket - Broadcom (BCM43XX) Net  (12/13/2013 6.30.223.215) (HKLM\...\59EE3461B77229A4F846543766A6EFF2F2BAFC6B) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Windows-Treiberpaket - Fedict SmartCard  (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll (VASCO Data Security)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{AFD6BFDC-F329-41BB-9C53-764B965DD483}\InprocServer32 -> C:\Program Files (x86)\Duden\Duden Korrektor\adxloader64.dll ()

==================== Restore Points  =========================

01-02-2015 03:47:54 Installed iTunes
12-02-2015 17:55:15 Geplanter Prüfpunkt
16-02-2015 10:46:22 Windows Update
18-02-2015 18:31:42 Removed Apple Application Support (32-Bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0083CBA4-8F7C-49F7-A0BA-06F6B2C22990} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {00DA3A5E-E698-4CF1-AA5A-D840AA9688B0} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {1B350830-93D9-43F5-B521-C2B5D8B759BC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002Core => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-30] (Facebook Inc.)
Task: {2277AC9A-48E1-43D1-B7AF-6DF9707B2934} - System32\Tasks\{9F0B056C-3FB0-4B7D-8387-F48990581515} => pcalua.exe -a "C:\Program Files\McAfeeEx\MOCP\uninstall.exe"
Task: {24EDBFDF-A1F4-4C2D-B11C-39B7BFFB7476} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {268FBAF2-2EBF-42FF-BDFB-6FC5EB0ED70E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-16] (Microsoft Corporation)
Task: {362FEC6F-7F81-47B0-8A30-759BDC8F5BA6} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {40C67053-CF15-4B5C-833E-5DF13F7C5FC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {4965C9E1-4EB1-4BCE-9A35-0504F2F1A250} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {4DE85C99-C89B-431C-BD00-D85C71629A44} - System32\Tasks\GS_Booster-S-576482620 => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION
Task: {4E3E58DD-CD55-43B6-A6C2-A0F36679688F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002UA => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-30] (Facebook Inc.)
Task: {4EA795F3-9AC3-4236-A50E-045749FCF346} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {52B63ACD-C786-49B6-9F65-5A801DBFE15E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {58CA2C68-249C-41E2-B96E-E37DFE355211} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {5ABEC7C8-08B0-449F-84C2-E1785F977AC8} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {615158A8-65DF-4B08-A718-FB3ED2751A66} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {6ADD58DF-6C0E-485B-A78B-D33C89390E6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {6B366F0D-3295-4D12-AC2A-23EB2317FCA7} - System32\Tasks\AutoPico Daily Restart => C:\Program Files (x86)\KMSpico\AutoPico.exe [2014-02-06] ()
Task: {75DD6F4F-220F-42D6-83F9-20D43A457E78} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {7956B180-CEA2-43D6-AF07-87F8552C8C12} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {7DE8F51D-8636-4ADF-9680-C26A75059613} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {804A33AA-9587-44E6-81A8-33996717ECEC} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {9D6ECCF0-CB45-4BAE-B803-1F46B46D2502} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A01ED9E0-D1CA-4C97-8000-B21E48EB1705} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A8F6A732-B4F8-43EE-969A-8BE6B9C50397} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {ACE135E7-0E0C-4721-BA5F-025A5C8BC535} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {AD7E85C0-5C29-4EE4-80FA-A4A946476F88} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {B3D11219-B486-40C2-B83E-74732737DC53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C5811A72-D1B4-4FA9-B640-8E97D77C456A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {C5924CE3-B700-4EAE-9F08-18712009633C} - System32\Tasks\SO_Booster-S-2355932470 => c:\programdata\appsnow\so_booster\SO_Booster.exe <==== ATTENTION
Task: {CECF24F0-7997-426B-90B6-C14192A619BD} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {D87961FE-E9E1-4C18-83FD-96BBC947A706} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {DBC27D3E-E88E-4845-B249-041DCE8B6082} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EBAF0589-C2F8-48C7-8C26-7304C9A177B2} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {F0747D26-EDB4-471D-B9E4-287F6287BC94} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-29] (Sony Corporation)
Task: {F70ACC62-8A43-4557-A5FD-5F8EF394EF9C} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2015-01-15] (Easeware)
Task: {F70FDA04-70C6-4BC6-B073-D36C26ED2177} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {F71693C7-7261-4ED9-9953-22BDEB642379} - \AutoKMS No Task File <==== ATTENTION
Task: {F9BAEDC2-BD89-4281-8805-9AFBDB629DF9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {FA094B5B-3FE0-4756-A929-7F874BE6F1BB} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\bench-Updater removing.job => ? <==== ATTENTION
Task: C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002Core.job => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002UA.job => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SO_Booster-S-2355932470.job => c:\programdata\appsnow\so_booster\SO_Booster.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-14 18:14 - 2015-01-10 09:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-28 12:33 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-28 12:33 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-28 12:33 - 2015-01-20 17:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-28 12:33 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-02-06 15:29 - 2015-02-06 15:29 - 00784712 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpbr.mdl
2015-02-06 15:29 - 2015-02-06 15:29 - 00573544 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpdsp.mdl
2015-02-06 15:29 - 2015-02-06 15:29 - 02657264 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpph.mdl
2015-02-06 15:29 - 2015-02-06 15:29 - 01331648 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttprbl.mdl
2014-03-14 18:22 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 22:23 - 2013-10-17 16:32 - 00020472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-09-04 19:13 - 2013-09-04 19:13 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-03-26 11:44 - 2013-03-26 11:44 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2015-01-28 12:33 - 2014-12-17 13:45 - 00470544 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdidntconp.dll
2015-01-28 12:33 - 2015-01-20 17:34 - 00187904 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\ui\bdidntconp.ui
2013-04-12 19:45 - 2013-04-12 19:45 - 00740384 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\adxloader64.dll
2014-09-25 12:33 - 2014-09-25 12:33 - 02210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll
2014-01-23 15:05 - 2014-01-23 15:05 - 01424552 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2013-03-26 13:36 - 2013-03-26 13:36 - 00786432 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\Interop.Access.dll
2013-03-26 13:36 - 2013-03-26 13:36 - 00950272 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\Interop.Excel.dll
2013-03-26 13:36 - 2013-03-26 13:36 - 00065536 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\Interop.FrontPage.dll
2013-03-26 13:36 - 2013-03-26 13:36 - 00286720 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\Interop.Outlook.dll
2013-03-26 13:36 - 2013-03-26 13:36 - 00204800 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\Interop.PowerPoint.dll
2013-03-26 13:36 - 2013-03-26 13:36 - 00495616 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\Interop.Word.dll
2013-03-26 13:36 - 2013-03-26 13:36 - 00151552 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\Interop.Office.dll
2013-05-13 23:17 - 2013-05-13 23:17 - 00333312 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\MBControls.dll
2013-04-23 02:37 - 2013-04-23 02:37 - 00102912 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\CSegmentation.dll
2013-04-23 02:37 - 2013-04-23 02:37 - 00327680 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\GAMORPHDPF.dll
2013-04-23 02:36 - 2013-04-23 02:36 - 00105472 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\DpfDict.dll
2013-04-23 02:37 - 2013-04-23 02:37 - 00622080 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\CTokenizer.dll
2013-04-23 02:37 - 2013-04-23 02:37 - 00116224 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\SGAnalyseSP.dll
2013-04-23 02:35 - 2013-04-23 02:35 - 00983040 _____ () C:\Program Files (x86)\Duden\Duden Korrektor\sprt4-2-3.dll
2015-01-28 12:59 - 2015-01-25 22:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-28 12:59 - 2015-01-25 22:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2013-09-05 01:36 - 2015-01-10 09:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-28 12:59 - 2015-01-25 22:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
2015-02-05 13:31 - 2015-02-03 12:22 - 14964912 _____ () C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\PepperFlash\16.0.0.305\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\Nalin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Veysi\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Veysi\Downloads\itunes6464setup.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img2 Wallpaper 1366x768.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CLKMSVC10_9EC60124 => 2
MSCONFIG\Services: CyberLink PowerDVD 13 Media Server Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 13 Media Server Service => 2
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Service KMSELDI => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDms => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VAIO Power Management => 3
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VCService => 3
HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk"
HKLM\...\StartupApproved\Run: => "Bluetooth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "3e936482e28cca4a48b713452330a269"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run: => "AgentAntidote64"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(R) center"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Registry Helper"
HKLM\...\StartupApproved\Run32: => "GoforFilesInstaller Starter"
HKLM\...\StartupApproved\Run32: => "YourFile DownloaderInstaller Starter"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\StartupFolder: => "svchost.exe"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "HP Officejet 6500 E710a-f (NET)"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "3e936482e28cca4a48b713452330a269"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "LiveSupport"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6BE239DCA32C94045EC09A7D76CC0817"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "Kies3PDLR.exe"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "Bitdefender-Geldbörse-Agent"

==================== Accounts: =============================

Administrator (S-1-5-21-3086666771-1258200647-2824944347-500 - Administrator - Disabled)
Gast (S-1-5-21-3086666771-1258200647-2824944347-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3086666771-1258200647-2824944347-1006 - Limited - Enabled)
Nalin (S-1-5-21-3086666771-1258200647-2824944347-1003 - Administrator - Enabled) => C:\Users\Nalin
Veysi (S-1-5-21-3086666771-1258200647-2824944347-1002 - Administrator - Enabled) => C:\Users\Veysi

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2015 09:33:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x12c8
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (02/18/2015 07:33:05 PM) (Source: Google Update) (EventID: 20) (User: ECE-NOTEBOOK)
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801

Error: (02/18/2015 07:19:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1b3c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (02/18/2015 07:18:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (02/18/2015 07:17:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x15e0
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (02/18/2015 07:16:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x69c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (02/18/2015 07:16:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x8e8
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (02/18/2015 07:16:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1634
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (02/18/2015 07:02:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 6.30.59.132, Zeitstempel: 0x5139af71
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ff9cadd3166
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0
Pfad der fehlerhaften Anwendung: bcmwltry.exe1
Pfad des fehlerhaften Moduls: bcmwltry.exe2
Berichtskennung: bcmwltry.exe3
Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5

Error: (02/18/2015 05:40:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 12.1.0.0, Zeitstempel: 0x52f3d085
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x00007ff932c10565
ID des fehlerhaften Prozesses: 0xafc
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Vollständiger Name des fehlerhaften Pakets: Service_KMS.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Service_KMS.exe5


System errors:
=============
Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0

Error: (02/19/2015 04:46:56 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT-AUTORITÄT)
Description: ReaderCompletionUnknownMsgType0x0


Microsoft Office Sessions:
=========================
Error: (02/18/2015 09:33:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa12c801d04ba796a1aab3F:\Defogger\Gmer-19357.exeF:\Defogger\Gmer-19357.exe60b2930a-b7ad-11e4-bf5b-3c0771767729

Error: (02/18/2015 07:33:05 PM) (Source: Google Update) (EventID: 20) (User: ECE-NOTEBOOK)
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801

Error: (02/18/2015 07:19:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa1b3c01d04ba76a6635ceF:\Defogger\Gmer-19357.exeF:\Defogger\Gmer-19357.exead4cea8e-b79a-11e4-bf5b-3c0771767729

Error: (02/18/2015 07:18:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa1a0c01d04ba7512f2237F:\Defogger\Gmer-19357.exeF:\Defogger\Gmer-19357.exe8ffad8e9-b79a-11e4-bf5b-3c0771767729

Error: (02/18/2015 07:17:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa15e001d04ba732118527F:\Defogger\Gmer-19357.exeF:\Defogger\Gmer-19357.exe70f4a139-b79a-11e4-bf5b-3c0771767729

Error: (02/18/2015 07:16:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa69c01d04ba70fa14a9eF:\Defogger\Gmer-19357.exeF:\Defogger\Gmer-19357.exe4e84a6a3-b79a-11e4-bf5b-3c0771767729

Error: (02/18/2015 07:16:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa8e801d04ba70224594eF:\Defogger\Gmer-19357.exeF:\Defogger\Gmer-19357.exe43ee8cbc-b79a-11e4-bf5b-3c0771767729

Error: (02/18/2015 07:16:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa163401d04ba6f965d258F:\Defogger\Gmer-19357.exeF:\Defogger\Gmer-19357.exe3c5276c3-b79a-11e4-bf5b-3c0771767729

Error: (02/18/2015 07:02:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bcmwltry.exe6.30.59.1325139af71unknown0.0.0.000000000c000000500007ff9cadd316672401d04ba4fab5e165C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeunknown4c1f9852-b798-11e4-bf5a-3c0771767729

Error: (02/18/2015 05:40:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe12.1.0.052f3d085unknown0.0.0.0000000000000000000007ff932c10565afc01d04b9982f7da22C:\Program Files\KMSpico\Service_KMS.exeunknownd65f4374-b78c-11e4-bf56-3c0771767729


CodeIntegrity Errors:
===================================
  Date: 2014-10-24 15:18:49.811
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:18:49.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.708
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.473
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.223
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.848
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.536
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.426
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 40%
Total physical RAM: 8070.8 MB
Available physical RAM: 4829.48 MB
Total Pagefile: 9350.8 MB
Available Pagefile: 5374.18 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.62 GB) (Free:306.46 GB) NTFS
Drive e: (Multimedia) (Fixed) (Total:351.56 GB) (Free:28.94 GB) NTFS
Drive f: (Programme) (Fixed) (Total:78.12 GB) (Free:20.19 GB) NTFS
Drive g: (Schule & Administration) (Fixed) (Total:21.49 GB) (Free:19.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 92FDF581)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Ist dass so in ordnung ?

Alt 22.02.2015, 08:00   #7
schrauber
/// the machine
/// TB-Ausbilder
 

iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



perfekt


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.02.2015, 13:18   #8
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 22.02.2015 13:07:15, SYSTEM, ECE-NOTEBOOK, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, 
Update, 22.02.2015 13:07:15, SYSTEM, ECE-NOTEBOOK, Manual, Rootkit Database, 2014.11.18.1, 2015.2.20.1, 
Update, 22.02.2015 13:07:28, SYSTEM, ECE-NOTEBOOK, Manual, Malware Database, 2014.11.20.6, 2015.2.22.3, 
Scan, 22.02.2015 13:08:16, SYSTEM, ECE-NOTEBOOK, Manual, Start: % 1 "% 2", Dauer: % 1 min 0 Sekunden, Bedrohungs-Suchlauf, Abgebrochen, 0 Malwareerkennung, 0-Malwareerkennung, 
Protection, 22.02.2015 13:30:21, SYSTEM, ECE-NOTEBOOK, Protection, Malware Protection, Starting, 
Protection, 22.02.2015 13:30:21, SYSTEM, ECE-NOTEBOOK, Protection, Malware Protection, Started, 
Protection, 22.02.2015 13:30:21, SYSTEM, ECE-NOTEBOOK, Protection, Malicious Website Protection, Starting, 
Protection, 22.02.2015 13:30:22, SYSTEM, ECE-NOTEBOOK, Protection, Malicious Website Protection, Started, 
Scan, 22.02.2015 13:46:18, SYSTEM, ECE-NOTEBOOK, Manual, Start: % 1 "% 2", Dauer: % 1 min 36 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 3 Malwareerkennung, 170-Malwareerkennung, 
Protection, 22.02.2015 13:49:25, SYSTEM, ECE-NOTEBOOK, Protection, Malware Protection, Starting, 
Protection, 22.02.2015 13:49:25, SYSTEM, ECE-NOTEBOOK, Protection, Malware Protection, Started, 
Protection, 22.02.2015 13:49:25, SYSTEM, ECE-NOTEBOOK, Protection, Malicious Website Protection, Starting, 
Protection, 22.02.2015 13:49:25, SYSTEM, ECE-NOTEBOOK, Protection, Malicious Website Protection, Started, 

(end)
         
Code:
ATTFilter
# AdwCleaner v4.111 - Bericht erstellt 22/02/2015 um 13:57:22
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 8.1 Pro  (x64)
# Benutzername : Veysi - ECE-NOTEBOOK
# Gestarted von : F:\AdwCleaner\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\drivergenius
Ordner Gelöscht : C:\ProgramData\AllSAveer
Ordner Gelöscht : C:\ProgramData\48009c78d213a644
Ordner Gelöscht : C:\Program Files (x86)\driver-soft
Ordner Gelöscht : C:\Users\Nalin\AppData\Roaming\Mozilla\Firefox\Profiles\cpih6i3v.default\Extensions\3p2@n.com
Ordner Gelöscht : C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\3p2@n.com
Ordner Gelöscht : C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfcgjlglddicjopgimohdcbmabacamll
Datei Gelöscht : C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage

***** [ Geplante Tasks ] *****

Task Gelöscht : DriverEasy Scheduled Scan

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfcgjlglddicjopgimohdcbmabacamll
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfcgjlglddicjopgimohdcbmabacamll
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v

[cpih6i3v.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.NMc0ENEekhRlNb11.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[0vuvtf3v.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.5nEm4hD73zdYWP7e.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[0vuvtf3v.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.UHrhpaeFyDn8MzUk.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[0vuvtf3v.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.ePqPH83MKT53cbHk.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]

-\\ Google Chrome v40.0.2214.93

[C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_def&mntrId=182F00FFF4FEAD99&affID=66736&tsp=5214

-\\ Comodo Dragon v

[C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_def&mntrId=182F00FFF4FEAD99&affID=66736&tsp=5214

-\\ Chrome Canary v

[C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_def&mntrId=182F00FFF4FEAD99&affID=66736&tsp=5214

*************************

AdwCleaner[R0].txt - [31523 Bytes] - [26/10/2014 23:17:18]
AdwCleaner[R1].txt - [3222 Bytes] - [22/02/2015 13:55:09]
AdwCleaner[S0].txt - [29813 Bytes] - [26/10/2014 23:23:27]
AdwCleaner[S1].txt - [3519 Bytes] - [22/02/2015 13:57:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3578  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Pro x64
Ran by Veysi on 22.02.2015 at 14:04:45,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVEREASY.EXE-9990B30E.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVEREASY_SETUP.TMP-0CB2E9DA.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVEREASY_SETUP.TMP-B7E6621F.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.02.2015 at 14:07:38,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Ist es besser Allgemein die gefundenen Maleware/Viren (im Antivirus Programm) in Quarantäne zu verschieben, oder sie direkt zu löschen?

Sollte ich die hier gefundenen Malewares später endgültig löschen oder weiterhiin in Quarantäne behalten?


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Veysi (administrator) on ECE-NOTEBOOK on 22-02-2015 14:15:52
Running from F:\Defogger
Loaded Profiles: Veysi (Available profiles: Veysi & Nalin)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\nacl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-04] (Broadcom Corporation.)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 8\Programmes32\AgentAntidote.exe [1214496 2014-04-17] (Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe [1371680 2014-04-17] (Druide informatique inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-03-13] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [HP Officejet 6500 E710a-f (NET)] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Facebook Update] => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-30] (Facebook Inc.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {1804f4f5-a3c3-11e4-bf31-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {7bbbe2cf-c4c1-11e3-be9f-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {90a48fef-f5a1-11e3-becc-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {aea2b8a0-a6c6-11e3-be91-34238781008e} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\Users\Nalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Nalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Veysi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Veysi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * autocheck iolorgdf32 C:\Users\Veysi\AppData\Roaming\iolo\
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = CountrySelector - Sony
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO: YoutubeAdblocker -> {2EE2E023-961D-09E3-2B6C-234F7FEA5160} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002 -> No Name - {6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} -  No File
Toolbar: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.0.318\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Veysi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: vasco.com/VascoCardReaderPlugin -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll (VASCO Data Security)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: vasco.com/VascoCardReaderPlugin64 -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll (VASCO Data Security)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\abs@avira.com [2015-02-16]
FF Extension: Module d'Antidote - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\antidote7_win_firefox_103@druide.com [2014-07-26]
FF Extension: DownloadHelper - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-01]
FF Extension: Platinum Hide IP - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\support@platinumhideip.com.xpi [2015-01-28]
FF Extension: eID België - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2014-12-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-28]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-17]
CHR Extension: (Google Docs) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-17]
CHR Extension: (Google Drive) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-17]
CHR Extension: (YouTube) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-17]
CHR Extension: (Google Search) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-17]
CHR Extension: (Bitdefender Wallet) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-01-28]
CHR Extension: (Google Sheets) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-17]
CHR Extension: (Avira Browser Safety) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-29]
CHR Extension: (Skype Click to Call) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-28]
CHR Extension: (Google Wallet) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-17]
CHR Extension: (Gmail) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-02-01] (CyberLink)
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-29] (WildTangent)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-05-29] (Intel Corporation)
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1069248 2014-02-06] () [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6099968 2014-11-19] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 77869811; C:\Windows\system32\DRIVERS\77869811.sys [460888 2014-04-13] (Kaspersky Lab ZAO)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-10-03] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8469680 2014-02-09] (Broadcom Corporation)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-02-09] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
S1 ifvhgvmq; \??\C:\WINDOWS\system32\drivers\ifvhgvmq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 13:53 - 2015-02-22 14:07 - 00000000 ____D () C:\Users\Veysi\Desktop\trojan
2015-02-22 13:33 - 2015-02-22 13:34 - 00000000 ____D () C:\Users\Veysi\Desktop\PC tools
2015-02-22 13:33 - 2015-02-22 13:34 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Abelssoft
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Abelssoft
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2015-02-22 13:07 - 2015-02-22 14:00 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-22 13:06 - 2015-02-22 13:06 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-22 13:06 - 2015-02-22 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-22 13:06 - 2015-02-22 13:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-22 13:06 - 2015-02-22 13:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-22 13:06 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-22 13:06 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-22 13:06 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-22 13:05 - 2015-02-22 13:06 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Veysi\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-21 14:29 - 2015-02-21 14:36 - 59243667 _____ () C:\Users\Veysi\Downloads\Sweden.map.part
2015-02-21 13:46 - 2015-02-21 14:08 - 223339007 _____ () C:\Users\Veysi\Downloads\Spain.map
2015-02-21 13:44 - 2015-02-21 13:45 - 15891342 _____ () C:\Users\Veysi\Downloads\Slovenia.map
2015-02-21 13:43 - 2015-02-21 13:43 - 00000000 ____D () C:\Users\Veysi\Downloads\Navigon.Blitzer.Clever.Parking.01.2015
2015-02-21 13:42 - 2015-02-21 13:43 - 05767569 _____ () C:\Users\Veysi\Downloads\Nav.Bli.Cle.Par.01.2015.zip
2015-02-21 13:38 - 2015-02-21 13:42 - 36086801 _____ () C:\Users\Veysi\Downloads\Slovakia.map
2015-02-21 13:36 - 2015-02-21 13:37 - 18853687 _____ () C:\Users\Veysi\Downloads\Serbia.map
2015-02-21 13:30 - 2015-02-21 13:33 - 33157388 _____ () C:\Users\Veysi\Downloads\Romania.map
2015-02-21 13:27 - 2015-02-21 13:29 - 24829077 _____ () C:\Users\Veysi\Downloads\Republic of Ireland.map
2015-02-21 13:14 - 2015-02-21 13:25 - 104263851 _____ () C:\Users\Veysi\Downloads\Poland.map.part
2015-02-21 13:05 - 2015-02-21 13:13 - 79820781 _____ () C:\Users\Veysi\Downloads\Portugal.map
2015-02-21 13:01 - 2015-02-21 13:01 - 00001357 _____ () C:\Users\Public\Desktop\NAVIGON Fresh.lnk
2015-02-21 13:01 - 2015-02-21 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
2015-02-21 13:01 - 2015-02-21 13:01 - 00000000 ____D () C:\Program Files (x86)\NAVIGON
2015-02-19 15:59 - 2015-02-19 15:59 - 00064745 _____ () C:\Users\Veysi\Desktop\FRST.txt
2015-02-18 19:11 - 2015-02-18 19:11 - 00000000 _____ () C:\Users\Veysi\defogger_reenable
2015-02-18 18:53 - 2015-02-22 13:58 - 00056860 _____ () C:\WINDOWS\PFRO.log
2015-02-18 18:50 - 2015-02-22 13:59 - 00002772 _____ () C:\WINDOWS\setupact.log
2015-02-18 18:50 - 2015-02-18 18:50 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-18 18:49 - 2015-02-22 14:00 - 00756978 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-18 18:31 - 2015-02-18 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
2015-02-18 18:30 - 2015-02-18 18:30 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-18 10:08 - 2015-02-18 10:13 - 107799339 _____ () C:\Users\Veysi\Downloads\Turkey.map.part
2015-02-18 10:00 - 2015-02-18 10:03 - 62587439 _____ () C:\Users\Veysi\Downloads\Norway.map
2015-02-18 09:59 - 2015-02-18 09:59 - 02706712 _____ () C:\Users\Veysi\Downloads\Montenegro.map
2015-02-18 09:58 - 2015-02-18 09:58 - 00385233 _____ () C:\Users\Veysi\Downloads\Monaco.map
2015-02-18 09:57 - 2015-02-18 09:57 - 00984659 _____ () C:\Users\Veysi\Downloads\Moldova.map
2015-02-18 09:56 - 2015-02-18 09:56 - 01382155 _____ () C:\Users\Veysi\Downloads\Malta.map
2015-02-18 09:54 - 2015-02-18 09:55 - 03043912 _____ () C:\Users\Veysi\Downloads\Luxemburg.map
2015-02-18 09:53 - 2015-02-18 09:54 - 16203772 _____ () C:\Users\Veysi\Downloads\Lithuania.map
2015-02-18 09:52 - 2015-02-18 09:52 - 00452820 _____ () C:\Users\Veysi\Downloads\Liechtenstein.map
2015-02-18 09:50 - 2015-02-18 09:51 - 22420846 _____ () C:\Users\Veysi\Downloads\Latvia.map
2015-02-18 09:49 - 2015-02-18 09:49 - 02382388 _____ () C:\Users\Veysi\Downloads\Kosovo.map
2015-02-17 23:28 - 2015-02-17 23:28 - 00000000 _____ () C:\Users\Veysi\Desktop\Neues Textdokument.txt
2015-02-17 23:22 - 2015-02-17 23:31 - 00000000 ____D () C:\Users\Veysi\Desktop\IPtv list
2015-02-16 18:57 - 2015-02-18 10:09 - 61118365 _____ () C:\Users\Veysi\Downloads\Netherlands.map
2015-02-16 18:40 - 2015-02-16 18:45 - 17338062 _____ () C:\Users\Veysi\Downloads\Iceland.map
2015-02-16 18:06 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-16 18:06 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-16 18:02 - 2015-02-16 18:02 - 00000000 ____D () C:\WINDOWS\Sun
2015-02-16 18:02 - 2015-02-16 18:01 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-16 17:53 - 2015-02-16 17:53 - 00639400 _____ (Oracle Corporation) C:\Users\Veysi\Downloads\chromeinstall-8u31.exe
2015-02-16 17:06 - 2015-02-16 17:06 - 00001141 _____ () C:\Users\Veysi\Desktop\tv - Verknüpfung.lnk
2015-02-16 10:41 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-16 10:41 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-16 10:41 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-16 10:41 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-16 10:41 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-16 10:41 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-16 10:41 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-16 10:41 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-16 10:41 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-16 10:41 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-16 10:41 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-16 10:41 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-16 10:41 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-16 10:41 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-16 10:41 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-16 10:41 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-16 10:41 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-16 10:41 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-16 10:41 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-16 10:41 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-16 10:41 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-16 10:41 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-16 10:41 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-16 10:41 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-16 10:41 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-16 10:41 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-16 10:41 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-16 10:41 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-16 10:41 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-16 10:41 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-16 10:41 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-16 10:41 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-16 10:41 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-16 10:41 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-16 10:41 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-16 10:41 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-16 10:41 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-16 10:41 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-16 10:41 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-16 10:41 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-16 10:41 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-16 10:41 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-16 10:41 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-16 10:41 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-16 10:41 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-16 10:40 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-16 10:40 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-16 10:40 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-16 10:40 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-16 10:40 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-16 10:39 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-16 10:39 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-16 10:39 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-16 10:39 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-16 10:39 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-16 00:05 - 2015-02-16 17:16 - 00000000 ____D () C:\Users\Veysi\Desktop\iptv
2015-02-12 17:21 - 2015-02-12 18:02 - 211522672 _____ () C:\Users\Veysi\Downloads\Italy.map
2015-02-12 17:20 - 2015-02-12 17:20 - 00699668 _____ () C:\Users\Veysi\Downloads\Isle_of_Man.map
2015-02-12 17:02 - 2015-02-12 17:16 - 73509592 _____ () C:\Users\Veysi\Downloads\Greece.map
2015-02-12 17:01 - 2015-02-12 17:01 - 00317963 _____ () C:\Users\Veysi\Downloads\Gibraltar.map
2015-02-12 14:55 - 2015-02-16 18:51 - 35094852 _____ () C:\Users\Veysi\Downloads\Hungary.map
2015-02-12 14:51 - 2015-02-12 14:51 - 00001412 _____ () C:\Users\Veysi\Downloads\Navigon_Blitzer-ymx5jomej15h.dlc
2015-02-12 14:48 - 2015-02-12 15:34 - 260033132 _____ () C:\Users\Veysi\Downloads\Germany.map
2015-02-12 14:47 - 2015-02-12 14:47 - 05514936 _____ () C:\Users\Veysi\Downloads\FYROM.map
2015-02-12 14:41 - 2015-02-12 14:41 - 00001261 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-02-12 14:26 - 2015-02-12 14:45 - 137278717 _____ () C:\Users\Veysi\Downloads\Finland.map
2015-02-09 22:27 - 2015-02-12 17:00 - 419766690 _____ () C:\Users\Veysi\Downloads\France.map
2015-02-09 22:24 - 2015-02-09 22:26 - 22450476 _____ () C:\Users\Veysi\Downloads\Estonia.map
2015-02-09 22:20 - 2015-02-09 22:23 - 31283796 _____ () C:\Users\Veysi\Downloads\Denmark.map
2015-02-09 22:11 - 2015-02-09 22:19 - 87256687 _____ () C:\Users\Veysi\Downloads\Czech_Republic.map
2015-02-09 22:08 - 2015-02-09 22:10 - 22286143 _____ () C:\Users\Veysi\Downloads\Croatia.map
2015-02-09 22:04 - 2015-02-09 22:07 - 26756343 _____ () C:\Users\Veysi\Downloads\Bulgaria.map
2015-02-09 22:03 - 2015-02-09 22:04 - 11021601 _____ () C:\Users\Veysi\Downloads\Bosnia and Herzegovina.map
2015-02-09 21:58 - 2015-02-09 22:02 - 34780800 _____ () C:\Users\Veysi\Downloads\Belgium.map
2015-02-09 21:58 - 2015-02-09 21:58 - 01387477 _____ () C:\Users\Veysi\Downloads\Belarus.map
2015-02-09 21:51 - 2015-02-09 21:56 - 54251921 _____ () C:\Users\Veysi\Downloads\Austria.map
2015-02-09 21:50 - 2015-02-09 21:50 - 00475559 _____ () C:\Users\Veysi\Downloads\Andorra.map
2015-02-09 21:48 - 2015-02-09 21:51 - 07344230 _____ () C:\Users\Veysi\Downloads\Albania.map
2015-02-09 21:45 - 2015-02-09 21:45 - 00025072 _____ () C:\Users\Veysi\Downloads\Navigon.Maps.Q4.2014_Einzeldownloads_-1hp7hgndw06p.dlc
2015-02-01 03:49 - 2015-02-18 18:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-01 03:41 - 2015-02-01 03:42 - 152439600 _____ (Apple Inc.) C:\Users\Veysi\Downloads\itunes6464setup.exe
2015-01-30 23:45 - 2015-01-30 23:45 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Nero
2015-01-30 23:44 - 2015-01-30 23:44 - 00002929 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2015-01-30 23:41 - 2015-01-30 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-01-30 23:14 - 2015-01-30 23:14 - 00000000 ____D () C:\Users\Veysi\Downloads\Nero Platinum 2015_Vers. 16.0.02900_Multi
2015-01-29 16:33 - 2015-01-29 16:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-01-29 16:33 - 2015-01-29 16:33 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-01-29 16:32 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-01-29 16:32 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434725.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434725.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-01-29 12:53 - 2015-01-29 12:54 - 00000000 ____D () C:\Users\Veysi\Downloads\Bitdefender Safepay
2015-01-29 12:46 - 2015-01-29 12:46 - 00173172 _____ () C:\Users\Veysi\Desktop\horaireslocauxjusquemercrediversionetudiants.xlsx
2015-01-28 12:58 - 2013-12-28 02:13 - 01085344 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2015-01-28 12:37 - 2015-01-28 12:37 - 00079192 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-01-28 12:35 - 2015-01-28 12:35 - 00547816 _____ () C:\ProgramData\1422444577.bdinstall.bin
2015-01-28 12:33 - 2015-01-28 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-28 12:33 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\WINDOWS\system32\Drivers\bdsandbox.sys
2015-01-28 12:33 - 2014-10-03 20:11 - 00263032 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-01-28 12:33 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-01-28 12:33 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-01-28 12:33 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\bdfndisf6.sys
2015-01-28 12:33 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-01-28 12:32 - 2015-01-28 12:32 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Bitdefender
2015-01-28 12:29 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-01-28 12:29 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-01-28 02:47 - 2015-01-28 02:47 - 00000000 ____D () C:\Users\Veysi\AppData\Temp
2015-01-28 01:50 - 2015-01-28 01:50 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin32.dll
2015-01-28 01:49 - 2015-01-28 01:49 - 00000385 _____ () C:\Users\Veysi\AppData\Roaminguser_gensett.xml
2015-01-28 01:48 - 2015-01-28 01:48 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2015-01-28 01:48 - 2015-01-28 01:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-01-28 01:47 - 2015-01-28 02:57 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-28 01:47 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\SysWOW64\bdsandboxuiskin32.dll
2015-01-28 01:47 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-01-28 01:43 - 2015-01-28 12:43 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-28 01:43 - 2015-01-28 12:33 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-28 01:43 - 2015-01-28 01:43 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\QuickScan
2015-01-28 01:43 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin.dll
2015-01-28 01:43 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuh.dll
2015-01-28 01:42 - 2015-01-28 12:29 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-28 01:25 - 2015-01-28 01:25 - 00000000 ____D () C:\OETemp
2015-01-28 01:03 - 2015-01-28 01:03 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\PlatinumHideIP
2015-01-28 01:03 - 2015-01-28 01:03 - 00000000 ____D () C:\ProgramData\PlatinumHideIP
2015-01-24 13:40 - 2015-01-24 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-01-24 13:35 - 2015-01-24 13:35 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Samsung
2015-01-24 13:33 - 2015-01-24 13:33 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2015-01-24 13:33 - 2012-08-28 10:05 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 14:15 - 2014-02-09 15:18 - 00000000 ____D () C:\FRST
2015-02-22 14:10 - 2014-02-08 22:55 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3086666771-1258200647-2824944347-1002
2015-02-22 14:03 - 2014-10-17 22:43 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-22 14:00 - 2014-02-12 20:52 - 00000000 ___DO () C:\Users\Veysi\SkyDrive
2015-02-22 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-22 13:59 - 2014-10-17 22:43 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-22 13:59 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-22 13:58 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-22 13:57 - 2014-10-26 23:15 - 00000000 ____D () C:\AdwCleaner
2015-02-22 13:48 - 2013-08-22 15:44 - 00529720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-22 13:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-02-22 13:46 - 2014-06-20 15:19 - 00000000 ____D () C:\ProgramData\AppSnow
2015-02-22 13:43 - 2014-02-09 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
2015-02-22 13:19 - 2014-02-09 01:10 - 00000000 ____D () C:\Users\Veysi\Documents\Fichiers Outlook
2015-02-22 12:47 - 2014-02-09 01:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-22 12:22 - 2014-02-13 01:55 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6AFBAFD9-0458-45E7-A5AE-EE747F64DAB5}
2015-02-21 22:33 - 2014-07-30 21:28 - 00000954 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002UA.job
2015-02-21 22:33 - 2014-07-30 21:28 - 00000932 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002Core.job
2015-02-21 20:10 - 2014-06-12 22:30 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\vlc
2015-02-21 18:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-21 14:36 - 2014-02-10 14:00 - 00000000 ____D () C:\Users\Veysi\AppData\Local\JDownloader v2.0
2015-02-21 13:13 - 2014-04-18 22:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-21 12:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-19 15:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-18 19:11 - 2014-02-12 20:26 - 00000000 ____D () C:\Users\Veysi
2015-02-18 18:58 - 2014-02-09 00:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-18 18:57 - 2014-02-09 00:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-18 18:53 - 2014-12-01 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-18 18:44 - 2014-04-19 14:19 - 00495104 ___SH () C:\Users\Veysi\Desktop\Thumbs.db
2015-02-18 18:36 - 2014-02-09 00:44 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\uTorrent
2015-02-18 18:33 - 2014-02-09 01:35 - 00000000 ____D () C:\ProgramData\Apple
2015-02-18 18:31 - 2014-06-29 02:12 - 00000983 _____ () C:\Users\Public\Desktop\DriverEasy.lnk
2015-02-16 18:07 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-16 18:06 - 2014-11-13 14:28 - 00001389 _____ () C:\Users\Public\Desktop\eID Viewer.lnk
2015-02-16 18:05 - 2014-11-13 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2015-02-16 18:05 - 2014-11-13 14:28 - 00000000 ____D () C:\Program Files (x86)\Belgium Identity Card
2015-02-16 18:01 - 2014-02-09 03:17 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-16 15:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-16 11:08 - 2014-02-10 16:22 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-02-16 11:02 - 2013-12-28 02:00 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-16 11:01 - 2014-05-17 08:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-16 10:54 - 2014-02-09 01:52 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-16 10:53 - 2012-07-26 06:26 - 00000297 _____ () C:\WINDOWS\win.ini
2015-02-16 10:51 - 2014-12-11 14:07 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-16 10:51 - 2014-07-10 19:05 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-15 20:15 - 2014-02-08 18:46 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Packages
2015-02-12 14:57 - 2013-11-14 08:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-12 14:57 - 2013-11-14 08:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-12 14:57 - 2013-11-14 08:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-12 14:41 - 2014-11-25 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-12 14:41 - 2014-11-25 16:33 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-12 14:40 - 2014-11-25 16:33 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-12 14:40 - 2014-03-24 16:14 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\DVDVideoSoft
2015-02-11 01:14 - 2014-09-16 12:42 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-11 01:14 - 2014-09-16 12:37 - 00000000 ____D () C:\Users\Veysi\Documents\SelfMV
2015-02-05 14:47 - 2014-02-09 01:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-04 03:43 - 2014-02-09 02:29 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Skype
2015-02-03 20:31 - 2015-01-19 18:43 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2015-01-19 18:43 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 16:39 - 2014-05-31 11:10 - 00182272 ___SH () C:\Users\Veysi\Downloads\Thumbs.db
2015-01-31 00:01 - 2014-02-10 16:30 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Nero
2015-01-30 23:45 - 2014-02-10 16:22 - 00000000 ____D () C:\ProgramData\Nero
2015-01-29 16:41 - 2014-04-26 13:44 - 00000043 ___SH () C:\ProgramData\.zreglib
2015-01-29 16:33 - 2014-03-14 18:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-29 12:57 - 2014-06-25 20:18 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Adobe
2015-01-28 12:59 - 2014-02-09 03:17 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-28 12:58 - 2014-10-17 22:43 - 00004106 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-28 12:58 - 2014-10-17 22:43 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-28 12:58 - 2013-12-28 02:13 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-01-28 12:57 - 2014-11-16 23:48 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-28 12:57 - 2014-11-16 23:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-28 12:57 - 2014-11-16 23:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-28 12:57 - 2014-02-09 03:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-28 12:57 - 2013-12-28 02:13 - 00000000 ____D () C:\Program Files\Java
2015-01-28 11:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2015-01-28 01:39 - 2014-10-26 23:50 - 00000000 ____D () C:\ProgramData\Avira
2015-01-28 01:39 - 2014-10-26 23:50 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-27 00:21 - 2014-02-19 19:19 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF8ED63A-6A54-49B7-AE6C-09D3A748C055}
2015-01-27 00:20 - 2014-02-19 19:03 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3086666771-1258200647-2824944347-1003
2015-01-27 00:15 - 2014-02-19 19:06 - 00000000 __RDO () C:\Users\Nalin\SkyDrive
2015-01-24 19:42 - 2014-07-21 03:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-24 19:42 - 2013-12-28 02:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-24 19:39 - 2014-04-18 23:00 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\HTC
2015-01-24 19:39 - 2014-04-18 22:59 - 00000000 ____D () C:\ProgramData\HTC
2015-01-24 19:39 - 2014-04-18 22:54 - 00000000 ____D () C:\Program Files (x86)\HTC
2015-01-24 19:38 - 2014-05-31 11:59 - 00000005 _____ () C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2015-01-24 13:41 - 2014-04-18 22:52 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Downloaded Installations
2015-01-24 13:35 - 2014-07-21 03:50 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Samsung
2015-01-24 13:34 - 2014-07-21 03:49 - 00000000 ____D () C:\Program Files (x86)\Samsung

==================== Files in the root of some directories =======

2014-10-02 13:01 - 2014-10-02 13:01 - 0000037 ___SH () C:\Users\Veysi\AppData\Local\70149b02515b3bb20dd492.47983420
2014-04-11 19:38 - 2014-12-02 15:41 - 0004608 _____ () C:\Users\Veysi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-09 18:17 - 2015-01-17 15:12 - 0007607 _____ () C:\Users\Veysi\AppData\Local\Resmon.ResmonCfg
2014-04-26 13:44 - 2015-01-29 16:41 - 0000043 ___SH () C:\ProgramData\.zreglib
2015-01-28 12:35 - 2015-01-28 12:35 - 0547816 _____ () C:\ProgramData\1422444577.bdinstall.bin
2014-02-09 16:30 - 2014-02-09 16:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-02-12 20:20 - 2014-02-12 20:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Veysi\AppData\Local\Temp\proxy_vole7594420029095270810.dll
C:\Users\Veysi\AppData\Local\Temp\Quarantine.exe
C:\Users\Veysi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-18 12:38

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Veysi at 2015-02-22 14:17:15
Running from F:\Defogger
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Disabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Disabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
AC3File 0.7b (HKLM-x32\...\AC3File_is1) (Version: 0.7b - Alexander Vigovsky)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Antidote 8 (HKLM-x32\...\{09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}) (Version: 8.04.1237 - Druide informatique inc.)
Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Belgium e-ID middleware 4.1.0 (build 1315) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71315}) (Version: 4.1.1315 - Belgian Government)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.39 - Abelssoft)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
DriverEasy 4.9.0 (HKLM\...\DriverEasy_is1) (Version: 4.9.0.0 - Easeware)
Duden Professional (HKLM-x32\...\{CADD1164-F60E-484B-A01C-F5CDE6FD40FD}) (Version: 10.0.0 - Bibliographisches Institut GmbH)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{F28BD099-9FC0-4A03-A605-E069B8D17D47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (HKLM\...\Intel(R) PROSet/Wireless NFC-Software) (Version: 1.1.1.003 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.3.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
KMSpico v9.2.1 Beta (HKLM\...\KMSpico_is1) (Version: 9.2.1 Beta - )
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Professionnel Plus*2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
MyDriveConnect 3.3.0.1812 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
MyFreeCodec (HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MyFreeCodec) (Version:  - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.9200.33045 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{64AEB277-30E8-4C5B-A9D5-66CD8995AF75}) (Version: 8.3.0.08220 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{3A097A28-308D-4C39-809F-C72ED47636E2}) (Version: 1.0.2.08020 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.2.00.07040 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.0.08010 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VASCO Card Reader Plug-In (64-Bit) (Version: 3.2.3.2 - VASCO Data Security) Hidden
VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\{8bc0c044-0d13-4fe6-90c1-af39c36cb927}) (Version: 3.2.3.2 - VASCO Data Security)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows-Treiberpaket - Broadcom (BCM43XX) Net  (12/13/2013 6.30.223.215) (HKLM\...\59EE3461B77229A4F846543766A6EFF2F2BAFC6B) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Windows-Treiberpaket - Fedict SmartCard  (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll (VASCO Data Security)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002_Classes\CLSID\{AFD6BFDC-F329-41BB-9C53-764B965DD483}\InprocServer32 -> C:\Program Files (x86)\Duden\Duden Korrektor\adxloader64.dll ()

==================== Restore Points  =========================

01-02-2015 03:47:54 Installed iTunes
12-02-2015 17:55:15 Geplanter Prüfpunkt
16-02-2015 10:46:22 Windows Update
18-02-2015 18:31:42 Removed Apple Application Support (32-Bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0083CBA4-8F7C-49F7-A0BA-06F6B2C22990} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {00DA3A5E-E698-4CF1-AA5A-D840AA9688B0} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {1B350830-93D9-43F5-B521-C2B5D8B759BC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002Core => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-30] (Facebook Inc.)
Task: {2277AC9A-48E1-43D1-B7AF-6DF9707B2934} - System32\Tasks\{9F0B056C-3FB0-4B7D-8387-F48990581515} => pcalua.exe -a "C:\Program Files\McAfeeEx\MOCP\uninstall.exe"
Task: {24EDBFDF-A1F4-4C2D-B11C-39B7BFFB7476} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {362FEC6F-7F81-47B0-8A30-759BDC8F5BA6} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {40C67053-CF15-4B5C-833E-5DF13F7C5FC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {4965C9E1-4EB1-4BCE-9A35-0504F2F1A250} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {4CF7F389-E24E-41F1-9C11-D47561B77149} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-12-04] (CHIP)
Task: {4DE85C99-C89B-431C-BD00-D85C71629A44} - \GS_Booster-S-576482620 No Task File <==== ATTENTION
Task: {4E3E58DD-CD55-43B6-A6C2-A0F36679688F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002UA => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-30] (Facebook Inc.)
Task: {4EA795F3-9AC3-4236-A50E-045749FCF346} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {52B63ACD-C786-49B6-9F65-5A801DBFE15E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {58CA2C68-249C-41E2-B96E-E37DFE355211} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {5ABEC7C8-08B0-449F-84C2-E1785F977AC8} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {615158A8-65DF-4B08-A718-FB3ED2751A66} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {6ADD58DF-6C0E-485B-A78B-D33C89390E6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {6B366F0D-3295-4D12-AC2A-23EB2317FCA7} - System32\Tasks\AutoPico Daily Restart => C:\Program Files (x86)\KMSpico\AutoPico.exe [2014-02-06] ()
Task: {6D651130-91ED-4B7C-A8E3-E7B9EE418E6B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-16] (Microsoft Corporation)
Task: {75DD6F4F-220F-42D6-83F9-20D43A457E78} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {7956B180-CEA2-43D6-AF07-87F8552C8C12} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {7DE8F51D-8636-4ADF-9680-C26A75059613} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {804A33AA-9587-44E6-81A8-33996717ECEC} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {9D6ECCF0-CB45-4BAE-B803-1F46B46D2502} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A01ED9E0-D1CA-4C97-8000-B21E48EB1705} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A8F6A732-B4F8-43EE-969A-8BE6B9C50397} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {ACE135E7-0E0C-4721-BA5F-025A5C8BC535} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {AD7E85C0-5C29-4EE4-80FA-A4A946476F88} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {B3D11219-B486-40C2-B83E-74732737DC53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C5811A72-D1B4-4FA9-B640-8E97D77C456A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {C5924CE3-B700-4EAE-9F08-18712009633C} - \SO_Booster-S-2355932470 No Task File <==== ATTENTION
Task: {CECF24F0-7997-426B-90B6-C14192A619BD} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {D87961FE-E9E1-4C18-83FD-96BBC947A706} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {DBC27D3E-E88E-4845-B249-041DCE8B6082} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EBAF0589-C2F8-48C7-8C26-7304C9A177B2} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {F0747D26-EDB4-471D-B9E4-287F6287BC94} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-29] (Sony Corporation)
Task: {F70FDA04-70C6-4BC6-B073-D36C26ED2177} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {F71693C7-7261-4ED9-9953-22BDEB642379} - \AutoKMS No Task File <==== ATTENTION
Task: {F9BAEDC2-BD89-4281-8805-9AFBDB629DF9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {FA094B5B-3FE0-4756-A929-7F874BE6F1BB} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002Core.job => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002UA.job => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-14 18:14 - 2015-01-10 09:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-28 12:33 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-28 12:33 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-28 12:33 - 2015-01-20 17:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-28 12:33 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-02-06 15:29 - 2015-02-06 15:29 - 00784712 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpbr.mdl
2015-02-06 15:29 - 2015-02-06 15:29 - 00573544 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpdsp.mdl
2015-02-06 15:29 - 2015-02-06 15:29 - 02657264 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpph.mdl
2015-02-06 15:29 - 2015-02-06 15:29 - 01331648 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttprbl.mdl
2014-03-14 18:22 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 22:23 - 2013-10-17 16:32 - 00020472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-09-04 19:13 - 2013-09-04 19:13 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-03-26 11:44 - 2013-03-26 11:44 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2015-01-28 12:59 - 2015-01-25 22:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-28 12:59 - 2015-01-25 22:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2013-09-05 01:36 - 2015-01-10 09:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-28 12:59 - 2015-01-25 22:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\Nalin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Veysi\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Veysi\Downloads\itunes6464setup.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img2 Wallpaper 1366x768.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CLKMSVC10_9EC60124 => 2
MSCONFIG\Services: CyberLink PowerDVD 13 Media Server Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 13 Media Server Service => 2
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Service KMSELDI => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDms => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VAIO Power Management => 3
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VCService => 3
HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk"
HKLM\...\StartupApproved\Run: => "Bluetooth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "3e936482e28cca4a48b713452330a269"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run: => "AgentAntidote64"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(R) center"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Registry Helper"
HKLM\...\StartupApproved\Run32: => "GoforFilesInstaller Starter"
HKLM\...\StartupApproved\Run32: => "YourFile DownloaderInstaller Starter"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\StartupFolder: => "svchost.exe"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "HP Officejet 6500 E710a-f (NET)"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "3e936482e28cca4a48b713452330a269"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "LiveSupport"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6BE239DCA32C94045EC09A7D76CC0817"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "Kies3PDLR.exe"
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\StartupApproved\Run: => "Bitdefender-Geldbörse-Agent"

==================== Accounts: =============================

Administrator (S-1-5-21-3086666771-1258200647-2824944347-500 - Administrator - Disabled)
Gast (S-1-5-21-3086666771-1258200647-2824944347-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3086666771-1258200647-2824944347-1006 - Limited - Enabled)
Nalin (S-1-5-21-3086666771-1258200647-2824944347-1003 - Administrator - Enabled) => C:\Users\Nalin
Veysi (S-1-5-21-3086666771-1258200647-2824944347-1002 - Administrator - Enabled) => C:\Users\Veysi

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (02/22/2015 02:17:17 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:16:47 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:16:17 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:15:47 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:15:17 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:13:10 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:12:40 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:12:10 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:11:40 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (02/22/2015 02:11:10 PM) (Source: DCOM) (EventID: 10010) (User: ECE-NOTEBOOK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-10-24 15:18:49.811
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:18:49.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.708
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.473
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.223
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:07.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.848
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.536
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-24 15:17:06.426
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 29%
Total physical RAM: 8070.8 MB
Available physical RAM: 5703.54 MB
Total Pagefile: 9350.8 MB
Available Pagefile: 6631.11 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.62 GB) (Free:304.63 GB) NTFS
Drive e: (Multimedia) (Fixed) (Total:351.56 GB) (Free:28.94 GB) NTFS
Drive f: (Programme) (Fixed) (Total:78.12 GB) (Free:23.39 GB) NTFS
Drive g: (Schule & Administration) (Fixed) (Total:21.49 GB) (Free:19.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 92FDF581)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 22.02.2015, 17:45   #9
schrauber
/// the machine
/// TB-Ausbilder
 

iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.02.2015, 13:11   #10
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=36882
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5a22996bd94f5642b834626be5f1d690
# engine=22596
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-23 05:06:34
# local_time=2015-02-23 06:06:34 (+0100, Mitteleuropäische Zeit    )
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2066 16777213 100 100 24436 128513303 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8775142 14972313 0 0
# scanned=399318
# found=259
# cleaned=0
# scan_time=20221
sh=FF6C5A8C29C241FF6473F523BBC503CA71495828 ft=1 fh=b00fb477ddfbb081 vn="Win32/AdWare.SmartApps.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\Updater\updater.exe.vir"
sh=E4D52A13B9D9F3D5BE0C4653857250D633223518 ft=1 fh=1aec917682e94057 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=6BF3E641CE0003E395A0A0D98AFB3F025334F695 ft=1 fh=9f67302321ccba6c vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\sppsm.dll.vir"
sh=8092C608B4E086365D99AC1EA8AF340C95A6B1B2 ft=1 fh=03ccaa026cb41a28 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\spusm.dll.vir"
sh=8BC417D84335C8A2984292D841C3006F4AA33F19 ft=1 fh=b832c00106aff94b vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbs.dll.vir"
sh=D1AC909FA3DA3ACE7120A10116A2172DE0FCA1ED ft=1 fh=6f70850ac416122f vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbu.dll.vir"
sh=8AB15733E80D0AE684F54EB075FC220DF1BD5721 ft=1 fh=5e8557a3384687dc vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srpt.dll.vir"
sh=5FB95D21BE8CF2753FD8A42398ADD26E2B21409F ft=1 fh=0f2c5f177050d203 vn="Variante von Win32/Toolbar.Conduit.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3297265\UninstallerUI.exe.vir"
sh=5FB95D21BE8CF2753FD8A42398ADD26E2B21409F ft=1 fh=0f2c5f177050d203 vn="Variante von Win32/Toolbar.Conduit.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\Multi\CT3297265\UninstallerUI.exe.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Local\torch\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=2FCD64D2F7F6A43668875604B8E092BD386BAB18 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nalin\AppData\Roaming\Mozilla\Firefox\Profiles\cpih6i3v.default\Extensions\3p2@n.com\content\bg.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir"
sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js.vir"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js.vir"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js.vir"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js.vir"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js.vir"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js.vir"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js.vir"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js.vir"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js.vir"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Local\torch\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js.vir"
sh=2FCD64D2F7F6A43668875604B8E092BD386BAB18 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\3p2@n.com\content\bg.js.vir"
sh=BF6CAF1BEDF21F8B36AD30315942B7D8EC17354C ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\i@qLVq.edu\content\bg.js.vir"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=FC60B61B410E756D3ABCEA3DCDC2D643BA60F06D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js"
sh=DA2244DCD437BB5EDD4B24B571F75A0AE3B67335 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js"
sh=FFBF8DA76819CAC98B13E02928E677B7853B5C06 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js"
sh=612F4D78DE8E464775E98558CFA68EE9888D4783 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js"
sh=4D778BF6C1E9E4F9F620AB7DC32689A194104728 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js"
sh=CB967CC7E97163367B0FB78E15BD55F254757022 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js"
sh=DF1FB64F6C54BF34E3FD6BFE47DDCE78DA323E11 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js"
sh=EE389589FA70E53CDD2DD5AA49020DD614600218 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js"
sh=47B70359897EAC9FC51E9C55CBFB5A7AC198094B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js"
sh=E9DD0385098E3370ADCC39D28606B603CA69C53E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js"
sh=D4836750E380AD9A5162E9423A91BFCF581AE229 ft=1 fh=d21b0691b248e069 vn="Win32/Toolbar.Conduit.AN evtl. unerwünschte Anwendung" ac=I fn="F:\DivX Plus 10.1 Build 1.10.1.363+Key-FFF\DivXInstaller.exe"
sh=D58FE1F52F7C4459A7A5E883C906F44FB4ADF9BA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="F:\Isobuster-3.3-Final\Isobuster-3.3-Final.rar"
sh=CEC8E516B118BDA2D3C46878F7937F5F13E39C4D ft=1 fh=9fd0c935e4e604a0 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="F:\Isobuster-3.3-Final\isobuster_all_lang.exe"
sh=ACADF2B82AECDEDB4D590808EEB01D436999E91E ft=1 fh=f1e915411acfaf75 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="F:\SkZ-AssasinsCree\-=SKANZ==-\ubiorbitapi_r2.dll"
sh=6C0C5252F5BB5E170BE1C484B67D056B8FCAF065 ft=1 fh=ef633b876a0031f8 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="G:\Sinan\HELMo Sainte-Marie\2ième Assurances\Bureautique\Champions League Powerpoint\SoftonicDownloader_for_free-mp3-cutter-and-editor.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.96  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Bitdefender Antivirus   
Windows Defender        
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 	16.0.0.305  
 Adobe Reader XI  
 Google Chrome (40.0.2214.115) 
 Google Chrome (40.0.2214.93) 
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Bitdefender 2015 vsserv.exe  
 Bitdefender Bitdefender 2015 updatesrv.exe  
 Bitdefender Bitdefender 2015 bdagent.exe  
 Bitdefender Bitdefender 2015 bdwtxag.exe  
 Bitdefender Bitdefender 2015 bdwtxcr.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Alt 23.02.2015, 13:26   #11
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
Ran by Veysi (administrator) on ECE-NOTEBOOK on 23-02-2015 14:01:09
Running from F:\Defogger
Loaded Profiles: Veysi (Available profiles: Veysi & Nalin)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\nacl64.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-04] (Broadcom Corporation.)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 8\Programmes32\AgentAntidote.exe [1214496 2014-04-17] (Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe [1371680 2014-04-17] (Druide informatique inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-03-13] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [HP Officejet 6500 E710a-f (NET)] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Facebook Update] => C:\Users\Veysi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-30] (Facebook Inc.)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {1804f4f5-a3c3-11e4-bf31-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {7bbbe2cf-c4c1-11e3-be9f-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {90a48fef-f5a1-11e3-becc-3c0771767729} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\MountPoints2: {aea2b8a0-a6c6-11e3-be91-34238781008e} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\Users\Nalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Nalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Veysi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Veysi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * autocheck iolorgdf32 C:\Users\Veysi\AppData\Roaming\iolo\
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO: YoutubeAdblocker -> {2EE2E023-961D-09E3-2B6C-234F7FEA5160} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002 -> No Name - {6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} -  No File
Toolbar: HKU\S-1-5-21-3086666771-1258200647-2824944347-1002 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.0.318\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Veysi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: vasco.com/VascoCardReaderPlugin -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll (VASCO Data Security)
FF Plugin HKU\S-1-5-21-3086666771-1258200647-2824944347-1002: vasco.com/VascoCardReaderPlugin64 -> C:\Users\Veysi\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll (VASCO Data Security)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\abs@avira.com [2015-02-16]
FF Extension: Module d'Antidote - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\antidote7_win_firefox_103@druide.com [2014-07-26]
FF Extension: DownloadHelper - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-01]
FF Extension: Platinum Hide IP - C:\Users\Veysi\AppData\Roaming\Mozilla\Firefox\Profiles\0vuvtf3v.default\Extensions\support@platinumhideip.com.xpi [2015-01-28]
FF Extension: eID België - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2014-12-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-28]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-17]
CHR Extension: (Google Docs) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-17]
CHR Extension: (Google Drive) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-17]
CHR Extension: (YouTube) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-17]
CHR Extension: (Google Search) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-17]
CHR Extension: (Bitdefender Wallet) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-01-28]
CHR Extension: (Google Sheets) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-17]
CHR Extension: (Avira Browser Safety) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-29]
CHR Extension: (Skype Click to Call) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-28]
CHR Extension: (Google Wallet) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-17]
CHR Extension: (Gmail) - C:\Users\Veysi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-02-01] (CyberLink)
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-29] (WildTangent)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-05-29] (Intel Corporation)
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1069248 2014-02-06] () [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6099968 2014-11-19] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 77869811; C:\Windows\system32\DRIVERS\77869811.sys [460888 2014-04-13] (Kaspersky Lab ZAO)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-10-03] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8469680 2014-02-09] (Broadcom Corporation)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-02-09] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
S1 ifvhgvmq; \??\C:\WINDOWS\system32\drivers\ifvhgvmq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 09:25 - 2015-02-23 09:25 - 00000826 _____ () C:\WINDOWS\PFRO.log
2015-02-23 00:55 - 2015-02-23 00:55 - 00852594 _____ () C:\Users\Veysi\Desktop\SecurityCheck.exe
2015-02-23 00:20 - 2015-02-23 00:20 - 02347384 _____ (ESET) C:\Users\Veysi\Downloads\esetsmartinstaller_deu.exe
2015-02-23 00:14 - 2015-02-23 13:57 - 00000693 _____ () C:\WINDOWS\setupact.log
2015-02-23 00:14 - 2015-02-23 00:14 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-22 16:10 - 2015-02-22 16:10 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\livestreamer
2015-02-22 16:09 - 2015-02-22 16:09 - 00000000 ____D () C:\Users\Veysi\Desktop\Movies,Serien
2015-02-22 14:37 - 2015-02-22 14:55 - 44181856 _____ () C:\Users\Veysi\Downloads\Switzerland.map
2015-02-22 14:36 - 2015-02-22 14:36 - 00529394 _____ () C:\Users\Veysi\Downloads\San Marino.map
2015-02-22 13:53 - 2015-02-23 09:23 - 00000000 ____D () C:\Users\Veysi\Desktop\trojan
2015-02-22 13:33 - 2015-02-22 16:15 - 00000000 ____D () C:\Users\Veysi\Desktop\PC tools
2015-02-22 13:33 - 2015-02-22 13:34 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Abelssoft
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Abelssoft
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2015-02-22 13:33 - 2015-02-22 13:33 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2015-02-22 13:07 - 2015-02-23 13:57 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-22 13:06 - 2015-02-22 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-22 13:06 - 2015-02-22 13:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-22 13:06 - 2015-02-22 13:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-22 13:06 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-22 13:06 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-22 13:06 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-21 14:29 - 2015-02-21 14:36 - 59243667 _____ () C:\Users\Veysi\Downloads\Sweden.map.part
2015-02-21 13:46 - 2015-02-21 14:08 - 223339007 _____ () C:\Users\Veysi\Downloads\Spain.map
2015-02-21 13:44 - 2015-02-21 13:45 - 15891342 _____ () C:\Users\Veysi\Downloads\Slovenia.map
2015-02-21 13:42 - 2015-02-21 13:43 - 05767569 _____ () C:\Users\Veysi\Downloads\Nav.Bli.Cle.Par.01.2015.zip
2015-02-21 13:38 - 2015-02-21 13:42 - 36086801 _____ () C:\Users\Veysi\Downloads\Slovakia.map
2015-02-21 13:36 - 2015-02-21 13:37 - 18853687 _____ () C:\Users\Veysi\Downloads\Serbia.map
2015-02-21 13:30 - 2015-02-21 13:33 - 33157388 _____ () C:\Users\Veysi\Downloads\Romania.map
2015-02-21 13:27 - 2015-02-21 13:29 - 24829077 _____ () C:\Users\Veysi\Downloads\Republic of Ireland.map
2015-02-21 13:14 - 2015-02-22 16:33 - 104263851 _____ () C:\Users\Veysi\Downloads\Poland.map.part
2015-02-21 13:05 - 2015-02-21 13:13 - 79820781 _____ () C:\Users\Veysi\Downloads\Portugal.map
2015-02-21 13:01 - 2015-02-21 13:01 - 00001357 _____ () C:\Users\Public\Desktop\NAVIGON Fresh.lnk
2015-02-21 13:01 - 2015-02-21 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
2015-02-21 13:01 - 2015-02-21 13:01 - 00000000 ____D () C:\Program Files (x86)\NAVIGON
2015-02-18 19:11 - 2015-02-18 19:11 - 00000000 _____ () C:\Users\Veysi\defogger_reenable
2015-02-18 18:49 - 2015-02-23 13:58 - 01230486 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-18 18:30 - 2015-02-18 18:30 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-18 10:08 - 2015-02-22 16:34 - 107799339 _____ () C:\Users\Veysi\Downloads\Turkey.map.part
2015-02-18 10:00 - 2015-02-18 10:03 - 62587439 _____ () C:\Users\Veysi\Downloads\Norway.map
2015-02-18 09:59 - 2015-02-18 09:59 - 02706712 _____ () C:\Users\Veysi\Downloads\Montenegro.map
2015-02-18 09:58 - 2015-02-18 09:58 - 00385233 _____ () C:\Users\Veysi\Downloads\Monaco.map
2015-02-18 09:57 - 2015-02-18 09:57 - 00984659 _____ () C:\Users\Veysi\Downloads\Moldova.map
2015-02-18 09:56 - 2015-02-18 09:56 - 01382155 _____ () C:\Users\Veysi\Downloads\Malta.map
2015-02-18 09:54 - 2015-02-18 09:55 - 03043912 _____ () C:\Users\Veysi\Downloads\Luxemburg.map
2015-02-18 09:53 - 2015-02-18 09:54 - 16203772 _____ () C:\Users\Veysi\Downloads\Lithuania.map
2015-02-18 09:52 - 2015-02-18 09:52 - 00452820 _____ () C:\Users\Veysi\Downloads\Liechtenstein.map
2015-02-18 09:50 - 2015-02-18 09:51 - 22420846 _____ () C:\Users\Veysi\Downloads\Latvia.map
2015-02-18 09:49 - 2015-02-18 09:49 - 02382388 _____ () C:\Users\Veysi\Downloads\Kosovo.map
2015-02-17 23:22 - 2015-02-22 16:09 - 00000000 ____D () C:\Users\Veysi\Desktop\IPtv list
2015-02-16 18:57 - 2015-02-18 10:09 - 61118365 _____ () C:\Users\Veysi\Downloads\Netherlands.map
2015-02-16 18:40 - 2015-02-16 18:45 - 17338062 _____ () C:\Users\Veysi\Downloads\Iceland.map
2015-02-16 18:06 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-16 18:06 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-16 18:02 - 2015-02-16 18:02 - 00000000 ____D () C:\WINDOWS\Sun
2015-02-16 18:02 - 2015-02-16 18:01 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-16 17:53 - 2015-02-16 17:53 - 00639400 _____ (Oracle Corporation) C:\Users\Veysi\Downloads\chromeinstall-8u31.exe
2015-02-16 10:41 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-16 10:41 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-16 10:41 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-16 10:41 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-16 10:41 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-16 10:41 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-16 10:41 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-16 10:41 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-16 10:41 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-16 10:41 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-16 10:41 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-16 10:41 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-16 10:41 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-16 10:41 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-16 10:41 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-16 10:41 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-16 10:41 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-16 10:41 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-16 10:41 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-16 10:41 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-16 10:41 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-16 10:41 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-16 10:41 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-16 10:41 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-16 10:41 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-16 10:41 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-16 10:41 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-16 10:41 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-16 10:41 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-16 10:41 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-16 10:41 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-16 10:41 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-16 10:41 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-16 10:41 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-16 10:41 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-16 10:41 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-16 10:41 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-16 10:41 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-16 10:41 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-16 10:41 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-16 10:41 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-16 10:41 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-16 10:41 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-16 10:41 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-16 10:41 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-16 10:40 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-16 10:40 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-16 10:40 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-16 10:40 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-16 10:40 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-16 10:39 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-16 10:39 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-16 10:39 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-16 10:39 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-16 10:39 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-16 10:39 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-16 00:05 - 2015-02-16 17:16 - 00000000 ____D () C:\Users\Veysi\Desktop\iptv
2015-02-12 17:21 - 2015-02-12 18:02 - 211522672 _____ () C:\Users\Veysi\Downloads\Italy.map
2015-02-12 17:20 - 2015-02-12 17:20 - 00699668 _____ () C:\Users\Veysi\Downloads\Isle_of_Man.map
2015-02-12 17:02 - 2015-02-12 17:16 - 73509592 _____ () C:\Users\Veysi\Downloads\Greece.map
2015-02-12 17:01 - 2015-02-12 17:01 - 00317963 _____ () C:\Users\Veysi\Downloads\Gibraltar.map
2015-02-12 14:55 - 2015-02-16 18:51 - 35094852 _____ () C:\Users\Veysi\Downloads\Hungary.map
2015-02-12 14:51 - 2015-02-12 14:51 - 00001412 _____ () C:\Users\Veysi\Downloads\Navigon_Blitzer-ymx5jomej15h.dlc
2015-02-12 14:48 - 2015-02-12 15:34 - 260033132 _____ () C:\Users\Veysi\Downloads\Germany.map
2015-02-12 14:47 - 2015-02-12 14:47 - 05514936 _____ () C:\Users\Veysi\Downloads\FYROM.map
2015-02-12 14:26 - 2015-02-12 14:45 - 137278717 _____ () C:\Users\Veysi\Downloads\Finland.map
2015-02-09 22:27 - 2015-02-12 17:00 - 419766690 _____ () C:\Users\Veysi\Downloads\France.map
2015-02-09 22:24 - 2015-02-09 22:26 - 22450476 _____ () C:\Users\Veysi\Downloads\Estonia.map
2015-02-09 22:20 - 2015-02-09 22:23 - 31283796 _____ () C:\Users\Veysi\Downloads\Denmark.map
2015-02-09 22:11 - 2015-02-09 22:19 - 87256687 _____ () C:\Users\Veysi\Downloads\Czech_Republic.map
2015-02-09 22:08 - 2015-02-09 22:10 - 22286143 _____ () C:\Users\Veysi\Downloads\Croatia.map
2015-02-09 22:04 - 2015-02-09 22:07 - 26756343 _____ () C:\Users\Veysi\Downloads\Bulgaria.map
2015-02-09 22:03 - 2015-02-09 22:04 - 11021601 _____ () C:\Users\Veysi\Downloads\Bosnia and Herzegovina.map
2015-02-09 21:58 - 2015-02-09 22:02 - 34780800 _____ () C:\Users\Veysi\Downloads\Belgium.map
2015-02-09 21:58 - 2015-02-09 21:58 - 01387477 _____ () C:\Users\Veysi\Downloads\Belarus.map
2015-02-09 21:51 - 2015-02-09 21:56 - 54251921 _____ () C:\Users\Veysi\Downloads\Austria.map
2015-02-09 21:50 - 2015-02-09 21:50 - 00475559 _____ () C:\Users\Veysi\Downloads\Andorra.map
2015-02-09 21:48 - 2015-02-09 21:51 - 07344230 _____ () C:\Users\Veysi\Downloads\Albania.map
2015-02-09 21:45 - 2015-02-09 21:45 - 00025072 _____ () C:\Users\Veysi\Downloads\Navigon.Maps.Q4.2014_Einzeldownloads_-1hp7hgndw06p.dlc
2015-02-01 03:49 - 2015-02-18 18:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-30 23:45 - 2015-01-30 23:45 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Nero
2015-01-30 23:44 - 2015-01-30 23:44 - 00002929 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2015-01-30 23:41 - 2015-01-30 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-01-29 16:33 - 2015-01-29 16:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-01-29 16:33 - 2015-01-29 16:33 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-01-29 16:32 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-01-29 16:32 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434725.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434725.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-01-29 16:32 - 2015-01-10 09:07 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-01-29 12:53 - 2015-01-29 12:54 - 00000000 ____D () C:\Users\Veysi\Downloads\Bitdefender Safepay
2015-01-29 12:46 - 2015-01-29 12:46 - 00173172 _____ () C:\Users\Veysi\Desktop\horaireslocauxjusquemercrediversionetudiants.xlsx
2015-01-28 12:58 - 2013-12-28 02:13 - 01085344 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2015-01-28 12:37 - 2015-01-28 12:37 - 00079192 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-01-28 12:35 - 2015-01-28 12:35 - 00547816 _____ () C:\ProgramData\1422444577.bdinstall.bin
2015-01-28 12:33 - 2015-01-28 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-28 12:33 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\WINDOWS\system32\Drivers\bdsandbox.sys
2015-01-28 12:33 - 2014-10-03 20:11 - 00263032 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-01-28 12:33 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-01-28 12:33 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-01-28 12:33 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\bdfndisf6.sys
2015-01-28 12:33 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-01-28 12:32 - 2015-01-28 12:32 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Bitdefender
2015-01-28 12:29 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-01-28 12:29 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-01-28 02:47 - 2015-01-28 02:47 - 00000000 ____D () C:\Users\Veysi\AppData\Temp
2015-01-28 01:50 - 2015-01-28 01:50 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin32.dll
2015-01-28 01:49 - 2015-01-28 01:49 - 00000385 _____ () C:\Users\Veysi\AppData\Roaminguser_gensett.xml
2015-01-28 01:48 - 2015-01-28 01:48 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2015-01-28 01:48 - 2015-01-28 01:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-01-28 01:47 - 2015-01-28 02:57 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-28 01:47 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\SysWOW64\bdsandboxuiskin32.dll
2015-01-28 01:47 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-01-28 01:43 - 2015-01-28 12:43 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-28 01:43 - 2015-01-28 12:33 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-28 01:43 - 2015-01-28 01:43 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\QuickScan
2015-01-28 01:43 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin.dll
2015-01-28 01:43 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuh.dll
2015-01-28 01:42 - 2015-01-28 12:29 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-28 01:25 - 2015-01-28 01:25 - 00000000 ____D () C:\OETemp
2015-01-28 01:03 - 2015-01-28 01:03 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\PlatinumHideIP
2015-01-28 01:03 - 2015-01-28 01:03 - 00000000 ____D () C:\ProgramData\PlatinumHideIP
2015-01-24 13:40 - 2015-01-24 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-01-24 13:35 - 2015-01-24 13:35 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Samsung
2015-01-24 13:33 - 2015-01-24 13:33 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2015-01-24 13:33 - 2012-08-28 10:05 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 14:01 - 2014-02-09 15:18 - 00000000 ____D () C:\FRST
2015-02-23 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-23 13:58 - 2014-02-12 20:52 - 00000000 __RDO () C:\Users\Veysi\SkyDrive
2015-02-23 13:57 - 2014-10-17 22:43 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-23 13:56 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-23 09:27 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-23 08:47 - 2014-02-09 01:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-23 08:36 - 2014-10-17 22:43 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-23 07:33 - 2014-07-30 21:28 - 00000954 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002UA.job
2015-02-23 07:15 - 2014-02-13 01:55 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6AFBAFD9-0458-45E7-A5AE-EE747F64DAB5}
2015-02-22 21:30 - 2014-02-09 01:10 - 00000000 ____D () C:\Users\Veysi\Documents\Fichiers Outlook
2015-02-22 21:26 - 2014-02-08 18:46 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Packages
2015-02-22 21:25 - 2014-02-10 14:00 - 00000000 ____D () C:\Users\Veysi\AppData\Local\JDownloader v2.0
2015-02-22 21:23 - 2013-11-14 08:27 - 01809786 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-22 21:23 - 2013-11-14 08:11 - 00769524 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-22 21:23 - 2013-11-14 08:11 - 00160746 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-22 16:37 - 2014-02-08 22:55 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3086666771-1258200647-2824944347-1002
2015-02-22 16:16 - 2014-09-16 12:42 - 00000000 ___RD () C:\Users\Veysi\Desktop\Multimedia & tools
2015-02-22 16:09 - 2014-06-12 22:30 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\vlc
2015-02-22 16:04 - 2014-04-19 14:19 - 00495104 ___SH () C:\Users\Veysi\Desktop\Thumbs.db
2015-02-22 14:31 - 2014-10-17 22:43 - 00004106 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-22 14:31 - 2014-10-17 22:43 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-22 13:57 - 2014-10-26 23:15 - 00000000 ____D () C:\AdwCleaner
2015-02-22 13:48 - 2013-08-22 15:44 - 00529720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-22 13:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-02-22 13:46 - 2014-06-20 15:19 - 00000000 ____D () C:\ProgramData\AppSnow
2015-02-22 13:43 - 2014-02-09 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
2015-02-21 22:33 - 2014-07-30 21:28 - 00000932 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3086666771-1258200647-2824944347-1002Core.job
2015-02-21 18:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-21 13:13 - 2014-04-18 22:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-21 12:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-19 15:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-18 19:11 - 2014-02-12 20:26 - 00000000 ____D () C:\Users\Veysi
2015-02-18 18:58 - 2014-02-09 00:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-18 18:57 - 2014-02-09 00:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-18 18:53 - 2014-12-01 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-18 18:36 - 2014-02-09 00:44 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\uTorrent
2015-02-18 18:33 - 2014-02-09 01:35 - 00000000 ____D () C:\ProgramData\Apple
2015-02-16 18:07 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-16 18:06 - 2014-11-13 14:28 - 00001389 _____ () C:\Users\Public\Desktop\eID Viewer.lnk
2015-02-16 18:05 - 2014-11-13 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2015-02-16 18:05 - 2014-11-13 14:28 - 00000000 ____D () C:\Program Files (x86)\Belgium Identity Card
2015-02-16 18:01 - 2014-02-09 03:17 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-16 15:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-16 11:08 - 2014-02-10 16:22 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-02-16 11:02 - 2013-12-28 02:00 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-16 11:01 - 2014-05-17 08:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-16 10:54 - 2014-02-09 01:52 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-16 10:53 - 2012-07-26 06:26 - 00000297 _____ () C:\WINDOWS\win.ini
2015-02-16 10:51 - 2014-12-11 14:07 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-16 10:51 - 2014-07-10 19:05 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-12 14:41 - 2014-11-25 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-12 14:41 - 2014-11-25 16:33 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-12 14:40 - 2014-11-25 16:33 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-12 14:40 - 2014-03-24 16:14 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\DVDVideoSoft
2015-02-11 01:14 - 2014-09-16 12:42 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-11 01:14 - 2014-09-16 12:37 - 00000000 ____D () C:\Users\Veysi\Documents\SelfMV
2015-02-05 14:47 - 2014-02-09 01:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-04 03:43 - 2014-02-09 02:29 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Skype
2015-02-03 20:31 - 2015-01-19 18:43 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2015-01-19 18:43 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 16:39 - 2014-05-31 11:10 - 00182272 ___SH () C:\Users\Veysi\Downloads\Thumbs.db
2015-01-31 00:01 - 2014-02-10 16:30 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Nero
2015-01-30 23:45 - 2014-02-10 16:22 - 00000000 ____D () C:\ProgramData\Nero
2015-01-29 16:41 - 2014-04-26 13:44 - 00000043 ___SH () C:\ProgramData\.zreglib
2015-01-29 16:33 - 2014-03-14 18:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-29 12:57 - 2014-06-25 20:18 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Adobe
2015-01-28 12:59 - 2014-02-09 03:17 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-28 12:58 - 2013-12-28 02:13 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-01-28 12:58 - 2013-12-28 02:13 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-01-28 12:57 - 2014-11-16 23:48 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-28 12:57 - 2014-11-16 23:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-28 12:57 - 2014-11-16 23:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-28 12:57 - 2014-02-09 03:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-28 12:57 - 2013-12-28 02:13 - 00000000 ____D () C:\Program Files\Java
2015-01-28 11:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2015-01-28 01:39 - 2014-10-26 23:50 - 00000000 ____D () C:\ProgramData\Avira
2015-01-28 01:39 - 2014-10-26 23:50 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-27 00:21 - 2014-02-19 19:19 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF8ED63A-6A54-49B7-AE6C-09D3A748C055}
2015-01-27 00:20 - 2014-02-19 19:03 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3086666771-1258200647-2824944347-1003
2015-01-27 00:15 - 2014-02-19 19:06 - 00000000 __RDO () C:\Users\Nalin\SkyDrive
2015-01-24 19:42 - 2014-07-21 03:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-24 19:42 - 2013-12-28 02:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-24 19:39 - 2014-04-18 23:00 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\HTC
2015-01-24 19:39 - 2014-04-18 22:59 - 00000000 ____D () C:\ProgramData\HTC
2015-01-24 19:39 - 2014-04-18 22:54 - 00000000 ____D () C:\Program Files (x86)\HTC
2015-01-24 19:38 - 2014-05-31 11:59 - 00000005 _____ () C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2015-01-24 13:41 - 2014-04-18 22:52 - 00000000 ____D () C:\Users\Veysi\AppData\Local\Downloaded Installations
2015-01-24 13:35 - 2014-07-21 03:50 - 00000000 ____D () C:\Users\Veysi\AppData\Roaming\Samsung
2015-01-24 13:34 - 2014-07-21 03:49 - 00000000 ____D () C:\Program Files (x86)\Samsung

==================== Files in the root of some directories =======

2014-10-02 13:01 - 2014-10-02 13:01 - 0000037 ___SH () C:\Users\Veysi\AppData\Local\70149b02515b3bb20dd492.47983420
2014-04-11 19:38 - 2014-12-02 15:41 - 0004608 _____ () C:\Users\Veysi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-09 18:17 - 2015-01-17 15:12 - 0007607 _____ () C:\Users\Veysi\AppData\Local\Resmon.ResmonCfg
2014-04-26 13:44 - 2015-01-29 16:41 - 0000043 ___SH () C:\ProgramData\.zreglib
2015-01-28 12:35 - 2015-01-28 12:35 - 0547816 _____ () C:\ProgramData\1422444577.bdinstall.bin
2014-02-09 16:30 - 2014-02-09 16:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-02-12 20:20 - 2014-02-12 20:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Veysi\AppData\Local\Temp\proxy_vole3043306919347700472.dll
C:\Users\Veysi\AppData\Local\Temp\Quarantine.exe
C:\Users\Veysi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-18 12:38

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Erstmal Danke für alles, die Softwares haben jede menge Trojaner, Malwares etcs gefunden. Aber mein Hauptproblem ist immer noch nicht gelöst. Unszwar, sobal ich mein Notebook starte, bekomme ich nach dem Windows Logo ein schwarzes Fenster mit der aufschrift "iolorgdf32 program not found skipping autocheck" zu sehen. Diese schrift bleibt gute 10 sekunden. Anschlißend, habe ich ein komplett schwarzen Bildschirm vor mir, ca. 1 Minute bevor ich endlich ein Bild bekomme und mich einloggen kannst.

Kann ich die in der Quarantäne geschobene Datein löschen? oder ist es besser Sie dort zu behalten?


Hier ein Bild von meinem Bildschirm mit "iolorgdf32 program not found skipping autocheck"

Alt 23.02.2015, 17:25   #12
schrauber
/// the machine
/// TB-Ausbilder
 

iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

F:\DivX Plus 10.1 Build 1.10.1.363+Key-FFF\DivXInstaller.exe

F:\Isobuster-3.3-Final\Isobuster-3.3-Final.rar

F:\Isobuster-3.3-Final\isobuster_all_lang.exe

F:\SkZ-AssasinsCree\-=SKANZ==-\ubiorbitapi_r2.dll

G:\Sinan\HELMo Sainte-Marie\2ième Assurances\Bureautique\Champions League Powerpoint\SoftonicDownloader_for_free-mp3-cutter-and-editor.exe
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
BootExecute: autocheck autochk * autocheck iolorgdf32 C:\Users\Veysi\AppData\Roaming\iolo\
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {4DE85C99-C89B-431C-BD00-D85C71629A44} - System32\Tasks\GS_Booster-S-576482620 => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION

Task: {C5924CE3-B700-4EAE-9F08-18712009633C} - System32\Tasks\SO_Booster-S-2355932470 => c:\programdata\appsnow\so_booster\SO_Booster.exe <==== ATTENTION

Task: {F71693C7-7261-4ED9-9953-22BDEB642379} - \AutoKMS No Task File <==== ATTENTION

Task: C:\WINDOWS\Tasks\bench-Updater removing.job => ? <==== ATTENTION

Task: C:\WINDOWS\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\SO_Booster-S-2355932470.job => c:\programdata\appsnow\so_booster\SO_Booster.exe <==== ATTENTION
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Meldung sollte weg sein. Frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.02.2015, 23:27   #13
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Das Problem mit der Erscheinung von "iolorgdf32 program not found skipping autocheck" beim Start ist nun behoben.
Allerdings bekomme ich immer noch einen schwarzen Bildschirm zu sehen beim Start, nach dem Windows Logo. Also => Start=> Windows lädt(mit Logo)=>schwarzer Bildschirm für längere Zeit (20 Sekunden minimum) und anschließend kann ich mich erst anmelden.
So bitte sehr "logfix.txt"
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-02-2015
Ran by Veysi at 2015-02-23 23:59:43 Run:2
Running from F:\Defogger
Loaded Profiles: Veysi (Available profiles: Veysi & Nalin)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js

C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js

F:\DivX Plus 10.1 Build 1.10.1.363+Key-FFF\DivXInstaller.exe

F:\Isobuster-3.3-Final\Isobuster-3.3-Final.rar

F:\Isobuster-3.3-Final\isobuster_all_lang.exe

F:\SkZ-AssasinsCree\-=SKANZ==-\ubiorbitapi_r2.dll

G:\Sinan\HELMo Sainte-Marie\2ième Assurances\Bureautique\Champions League Powerpoint\SoftonicDownloader_for_free-mp3-cutter-and-editor.exe
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
BootExecute: autocheck autochk * autocheck iolorgdf32 C:\Users\Veysi\AppData\Roaming\iolo\
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {4DE85C99-C89B-431C-BD00-D85C71629A44} - System32\Tasks\GS_Booster-S-576482620 => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION

Task: {C5924CE3-B700-4EAE-9F08-18712009633C} - System32\Tasks\SO_Booster-S-2355932470 => c:\programdata\appsnow\so_booster\SO_Booster.exe <==== ATTENTION

Task: {F71693C7-7261-4ED9-9953-22BDEB642379} - \AutoKMS No Task File <==== ATTENTION

Task: C:\WINDOWS\Tasks\bench-Updater removing.job => ? <==== ATTENTION

Task: C:\WINDOWS\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\SO_Booster-S-2355932470.job => c:\programdata\appsnow\so_booster\SO_Booster.exe <==== ATTENTION
Emptytemp:
         
*****************

"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Nalin\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ahdndmmcocnfeckfdjnjkdpdhjbfocbf\5.14\GvXI.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\content.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\conpemnbjalmgdbafahedecjfnamfkao\2.0\jSTrjp.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\faaceadpcekoejkmfneinkhoeloockgf\2.0\h5y.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\HroGS.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcgfdbcbklfoogblhmjglkjdfnchmffc\2.0\lsdb.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\121\J0Er.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\GbcxJPf6o.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nneppijojjdlehaeljmhnomolnpgopbi\2.14\lsdb.js" => File/Directory not found.
"C:\Users\Veysi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pclholjnbapfibffeajfbhhgmdholcjn\1.0\DDBcJu4SZ.js" => File/Directory not found.
"F:\DivX Plus 10.1 Build 1.10.1.363+Key-FFF\DivXInstaller.exe" => File/Directory not found.
"F:\Isobuster-3.3-Final\Isobuster-3.3-Final.rar" => File/Directory not found.
"F:\Isobuster-3.3-Final\isobuster_all_lang.exe" => File/Directory not found.
"F:\SkZ-AssasinsCree\-=SKANZ==-\ubiorbitapi_r2.dll" => File/Directory not found.
"G:\Sinan\HELMo Sainte-Marie\2ième Assurances\Bureautique\Champions League Powerpoint\SoftonicDownloader_for_free-mp3-cutter-and-editor.exe" => File/Directory not found.
HKU\S-1-5-21-3086666771-1258200647-2824944347-1002\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"C:\WINDOWS\system32\GroupPolicy\Machine" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DE85C99-C89B-431C-BD00-D85C71629A44} => Key not found. 
C:\Windows\System32\Tasks\GS_Booster-S-576482620 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GS_Booster-S-576482620" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C5924CE3-B700-4EAE-9F08-18712009633C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5924CE3-B700-4EAE-9F08-18712009633C}" => Key deleted successfully.
C:\Windows\System32\Tasks\SO_Booster-S-2355932470 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SO_Booster-S-2355932470" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F71693C7-7261-4ED9-9953-22BDEB642379}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F71693C7-7261-4ED9-9953-22BDEB642379}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\WINDOWS\Tasks\bench-Updater removing.job not found.
C:\WINDOWS\Tasks\GS_Booster-S-576482620.job not found.
C:\WINDOWS\Tasks\SO_Booster-S-2355932470.job not found.
EmptyTemp: => Removed 1.7 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 00:01:53 ====
         
Ich habe nochmal einen Neustart gemacht, das Problem mit dem schwarzen Bildschirm hat sich nun auch gelöst. :-) Mein Laptop startet wieder blitzschnell. Vielen vielen Dank für Eure mühe.

Falls ihr in meinem letzten Log noch Fehler sieht, die man mit einem Scan oder anderem Tool korrigieren kann, lasst es mich wissen.


MFG und nochmals DANKE

Alt 24.02.2015, 15:55   #14
schrauber
/// the machine
/// TB-Ausbilder
 

iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.02.2015, 18:54   #15
--sinan--
 
iolorgdf32 program not found skipping autocheck - Standard

iolorgdf32 program not found skipping autocheck



Vielen Dank, ich habe soeben all die von dir empfohlenen Softwares installiert und ausgeführt.
2 Fragen hätte ich noch.

1.) Ich habe 2 Firewalls, eine in Bitdefender Internet Security und die andere in Windows 8.1 integriert. Welche ist empfehlenswerter? Beide laufen zu lassen wäre bestimmt falsch.

2.) Sollte man Viren/Trojaner unter Quarantäne stellen oder direkt löschen?



MFG

Antwort

Themen zu iolorgdf32 program not found skipping autocheck
arten, autostart, bereits, datei, dauert, defogger, deinstalliert, ebooks, einiger, found, frst.txt, hoffe, login, not, notebooks, program, programme, rar datei, starte, starten



Ähnliche Themen: iolorgdf32 program not found skipping autocheck


  1. iolorgdf 32 program not found skipping autocheck
    Alles rund um Windows - 15.07.2014 (5)
  2. malicious program has been detected.,
    Log-Analyse und Auswertung - 12.05.2014 (40)
  3. Trojan.FakeAlert in C:\Program Files (x86)\OpenOffice 4 \program\calc.dll
    Plagegeister aller Art und deren Bekämpfung - 22.04.2014 (5)
  4. c:\program files(x86)\hometab\tbupdater.dll
    Log-Analyse und Auswertung - 05.10.2013 (14)
  5. iolorgdf32 program not found / iminent
    Log-Analyse und Auswertung - 04.09.2013 (21)
  6. C:\Program Files(x86)\HomeTab\TBUpdater.dll
    Plagegeister aller Art und deren Bekämpfung - 22.06.2013 (7)
  7. Webcam Problem - used by another program
    Log-Analyse und Auswertung - 06.10.2011 (4)
  8. program too big to fit in memory
    Log-Analyse und Auswertung - 01.02.2010 (1)
  9. session manager value hinzugefügt bootexecute autocheck autochk *\
    Überwachung, Datenschutz und Spam - 03.10.2009 (3)
  10. Setup: Program too big to fit in memory
    Log-Analyse und Auswertung - 12.05.2009 (22)
  11. Vista und Program Files...
    Alles rund um Windows - 16.08.2008 (2)
  12. Systemstörung -SsiEfr.ex / Program not found
    Alles rund um Windows - 10.01.2008 (7)
  13. Spyware Program!?!
    Plagegeister aller Art und deren Bekämpfung - 09.06.2006 (3)
  14. backdoor program BDS/Small.EO
    Plagegeister aller Art und deren Bekämpfung - 18.04.2005 (2)
  15. File System Found infected by "VB and VBA Program Settings Spyware/Adware" Virus. Act
    Log-Analyse und Auswertung - 08.04.2005 (3)
  16. Pegasus Mail Program
    Antiviren-, Firewall- und andere Schutzprogramme - 06.04.2005 (7)
  17. Program Control ist leer
    Antiviren-, Firewall- und andere Schutzprogramme - 11.01.2003 (14)

Zum Thema iolorgdf32 program not found skipping autocheck - Hallo , seit einiger Zeit bekomme ich ständig beim hochfahrens meines Notebooks "iolorgdf32 program not found skipping autocheck" zu sehen. Normalerweise dauert das Starten des notesbooks bis zum Login ca - iolorgdf32 program not found skipping autocheck...
Archiv
Du betrachtest: iolorgdf32 program not found skipping autocheck auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.