Hello, thanks for the reply. Here are the logs:
mbam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 27.03.2015
Suchlauf-Zeit: 02:37:19
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.4.1018
Malware Datenbank: v2015.03.27.01
Rootkit Datenbank: v2015.03.26.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Pierre
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 358295
Verstrichene Zeit: 9 Min, 22 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 8
PUP.Optional.Protect, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1496, Löschen bei Neustart, [b8c511398efc9e98cdcba546fc0923dd]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 2164, Löschen bei Neustart, [7904d8727c0ebf77f1254dc3f21045bb]
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\CmdShell.exe, 2308, Löschen bei Neustart, [1d60c783b3d79d99a8f2905bc54052ae]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, 1376, Löschen bei Neustart, [9de09baff5950e28ebffe9cb9370c838]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, 2064, Löschen bei Neustart, [0b723713b6d465d119d2c6eea75c3bc5]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, 4592, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, 5704, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, 12320, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc]
Module: 17
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
Registrierungsschlüssel: 25
PUP.Optional.Protect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [b8c511398efc9e98cdcba546fc0923dd],
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [7904d8727c0ebf77f1254dc3f21045bb],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.SupTab.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [255816345a301e1833441915a95af50b],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [c3ba9bafbfcbfe385492566d58abe020],
PUP.Optional.LuckSearches.A, HKLM\SOFTWARE\WOW6432NODE\luckysearchesSoftware, In Quarantäne, [106df159c2c864d27fcbaf0717ec19e7],
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\RocketTab, In Quarantäne, [542991b9b3d7c67061c70acde61d47b9],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [2a5365e5ff8b181e6d167564c53ebe42],
PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bobyzoom, In Quarantäne, [9de09baff5950e28ebffe9cb9370c838],
PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bzwdg, In Quarantäne, [0b723713b6d465d119d2c6eea75c3bc5],
PUP.Optional.Zoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgF119, Löschen bei Neustart, [2459af9b1d6d6accd3bdcfe446bd41bf],
PUP.Optional.Zoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgR119, Löschen bei Neustart, [631a321853374cea7c148e2537cc07f9],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [601dfa50276388aeba24d2fcc43fc739],
PUP.Optional.RocketTab.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\RocketTabInstalled, In Quarantäne, [225bfa505337cc6ad455bd1a778c9b65],
PUP.Optional.RocketTab.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\SEARCH EXTENSIONS, In Quarantäne, [88f5a3a75e2c6bcb84ebb68e3dc832ce],
PUP.Optional.Bobyzoom.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{03479BA3-A0D6-4E93-bCD8-37789642EC9E}, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
Registrierungswerte: 3
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, 2sq, In Quarantäne, [2a5365e5ff8b181e6d167564c53ebe42]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://www.luckysearches.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&ts=1427203205&type=default&q={searchTerms}, In Quarantäne, [e49927236c1e1422903ef35906ff0cf4]
PUP.Optional.RocketTab.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, In Quarantäne, [88f5a3a75e2c6bcb84ebb68e3dc832ce]
Registrierungsdaten: 14
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[92ebe367a9e1c86eea03d4177e8701ff]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}),Ersetzt,[f38aeb5f652576c0eafd62890ff6bd43]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[84f97bcf8703d56140a77972cf3655ab]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[ceafc882cbbfd75f7f68b6359d68e61a]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}),Ersetzt,[720b4307028883b32cbb6586f312a45c]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[5f1ecb7f0c7e082e17d626c5b352c739]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}),Ersetzt,[14694208b5d5b383a24521caab5afb05]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[3845b298d5b5d3631acd5c8fb74e04fc]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[1766ba90becc6ec8697e34b7828335cb]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427203166&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}),Ersetzt,[c0bdf15991f9ad8967807279c1443ac6]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.luckysearches.com/web/?type=dspp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=dspp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}),Ersetzt,[522bc98138522d09965234b763a2cd33]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[eb9278d2e0aa38feae3aa942c0451ee2]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7),Ersetzt,[9de01a30d8b289ad5593688311f48779]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.luckysearches.com/web/?type=dspp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=dspp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7&q={searchTerms}),Ersetzt,[cab30c3e88020531a7415b902adb3ac6]
Ordner: 9
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [8bf2e9612b5fd363881cafdf0300b848],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [8bf2e9612b5fd363881cafdf0300b848],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [f8858cbe3e4cef47b68423881fe4ce32],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [f8858cbe3e4cef47b68423881fe4ce32],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
Dateien: 44
PUP.Optional.Protect, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [b8c511398efc9e98cdcba546fc0923dd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Löschen bei Neustart, [7904d8727c0ebf77f1254dc3f21045bb],
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\CmdShell.exe, Löschen bei Neustart, [1d60c783b3d79d99a8f2905bc54052ae],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, In Quarantäne, [fb82e56543472511b54fd599be423cc4],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, In Quarantäne, [bac3e169c7c3e84e4cb883eb768a21df],
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, In Quarantäne, [433aa4a673179c9a1610b879b54d867a],
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\IeWatchDog.dll, In Quarantäne, [a1dc252586047fb7f0a9727924e19e62],
PUP.Optional.Zoom.A, c:\windows\system32\drivers\tammgf119.sys, Löschen bei Neustart, [bbc27ecc9af0c76f5d32c4ef3bc8f50b],
PUP.Optional.Zoom.A, c:\windows\system32\drivers\tammgr119.sys, Löschen bei Neustart, [fc81301ab9d101354e41605349ba9f61],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\config.dat, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\certmanager.exe, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\makecert.exe, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\certutil.exe, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\libnspr4.dll, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\libplc4.dll, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\libplds4.dll, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\nss3.dll, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\smime3.dll, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\softokn3.dll, In Quarantäne, [186570dafe8ce94dbf36efc441c2a15f],
PUP.Optional.Shost.A, C:\Windows\shost.bin, In Quarantäne, [87f62921008a2511a349efd3699aab55],
PUP.Optional.RocketTab.A, C:\Windows\System32\Tasks\RocketTab, In Quarantäne, [057876d416744cea7bb0d60123e06799],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, Löschen bei Neustart, [9de09baff5950e28ebffe9cb9370c838],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, Löschen bei Neustart, [0b723713b6d465d119d2c6eea75c3bc5],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [8bf2e9612b5fd363881cafdf0300b848],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, In Quarantäne, [f8858cbe3e4cef47b68423881fe4ce32],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.dat, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.xpi, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml64.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, Löschen bei Neustart, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\logo.ico, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammg.sys, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgf.sys, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgr.sys, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\uninstaller.exe, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\utils.exe, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgapi.js, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain.js, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_bg.js, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_cs.js, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\jquery4toolbar.js, In Quarantäne, [4a3376d4880277bf13e7ffb3659e44bc],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
adwcleaner: Code:
# AdwCleaner v4.113 - Bericht erstellt 27/03/2015 um 02:59:02
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-03-26.1 [Server]
# Betriebssystem : Windows 8.1 Pro (x64)
# Benutzername : Pierre - PW-PHOTOART
# Gestarted von : C:\Users\Pierre\Desktop\AdwCleaner_4.113.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\XTab
Ordner Gelöscht : C:\Users\Pierre\AppData\LocalLow\bobyzoom
Ordner Gelöscht : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Datei Gelöscht : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\cos8gm5n.default\user.js
***** [ Geplante Tasks ] *****
Task Gelöscht : RocketTab Update Task
Task Gelöscht : RocketTab
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Schlüssel Gelöscht : HKCU\Software\rttasks
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\bobyzoom
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v36.0.4 (x86 de)
-\\ Google Chrome v41.0.2272.101
*************************
AdwCleaner[R0].txt - [1608 Bytes] - [27/03/2015 02:55:47]
AdwCleaner[S0].txt - [1476 Bytes] - [27/03/2015 02:59:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1535 Bytes] ##########
JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 8.1 Pro x64
Ran by Pierre on 27.03.2015 at 3:02:04,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.03.2015 at 3:09:29,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Pierre (administrator) on PW-PHOTOART on 27-03-2015 03:12:19
Running from C:\Users\Pierre\Desktop
Loaded Profiles: Pierre (Available profiles: Pierre)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2157056 2009-05-18] (VIA)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-03-27] (Electronic Arts)
HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\...\Run: [SMModifier] => "C:\Users\Pierre\Desktop\StartMenuModifier.exe" -close
HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-4038099733-1638177181-3844028860-1001\...\MountPoints2: {11fe3d4c-aeb8-11e4-825a-20cf307ee358} - "G:\pushinst.exe"
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4038099733-1638177181-3844028860-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-14] (Kaspersky Lab ZAO)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-14] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-14] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-03-14] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-03-14] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-03-14] (Kaspersky Lab ZAO)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4038099733-1638177181-3844028860-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\cos8gm5n.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-14] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-14] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-14] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Extension: Adblock Plus - C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\cos8gm5n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-26]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.luckysearches.com/?type=hppp&ts=1427203197&from=2sq&uid=CrucialXCT512MX100SSD1_14360D2265B70D2265B7"
CHR Profile: C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Google Docs) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-26]
CHR Extension: (YouTube) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google Search) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-26]
CHR Extension: (Tampermonkey) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-03-26]
CHR Extension: (Facebook Select All Friends 2015) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\emcgfadcikgmmidfkhohddnmhbaapgcf [2015-03-26]
CHR Extension: (Invite All (for Facebook)) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih [2015-03-26]
CHR Extension: (Google Sheets) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-26]
CHR Extension: (FaceBook Select All) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gakbhljkhaajagifijdfbpjngogfapho [2015-03-26]
CHR Extension: (AdBlock) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-26]
CHR Extension: (Invite All Friends Pro 2.0 for Facebook) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\llihccomjnidgdibbpciaajkednnglpm [2015-03-26]
CHR Extension: (Google Wallet) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-26]
CHR Extension: (Battlelog Emblem Editor Extended) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\noagedoiolkfaoaknohhepocfeooibjb [2015-03-26]
CHR Extension: (Facebook Invite All Subrange) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\phlacnclhiinhhoaonnoflhaoaklmfek [2015-03-26]
CHR Extension: (Gmail) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-26]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-22] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-13] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AF9035BDA; C:\Windows\system32\DRIVERS\AF15BDA.sys [514856 2012-11-09] (ITETech )
S3 arusb_win7x; C:\Windows\system32\DRIVERS\arusb_win7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 fwlanusbn; C:\Windows\system32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-03-14] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-14] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-03-14] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-03-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40136 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rusb3hub; C:\Windows\System32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\system32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 03:12 - 2014-04-15 02:26 - 115204688 _____ () C:\Users\Pierre\Desktop\n2149.avi
2015-03-27 03:09 - 2015-03-27 03:09 - 00000619 _____ () C:\Users\Pierre\Desktop\JRT.txt
2015-03-27 03:07 - 2015-01-20 14:49 - 68227782 _____ () C:\Users\Pierre\Desktop\besuch.flv
2015-03-27 03:07 - 2015-01-19 13:19 - 145771672 _____ () C:\Users\Pierre\Desktop\Sehr süsse Deutsche Maus bekommt sein Sperma immer wenn Sie das will.flv
2015-03-27 03:07 - 2014-09-15 12:28 - 228344029 _____ () C:\Users\Pierre\Desktop\leoo.wmv
2015-03-27 03:01 - 2015-03-27 03:01 - 01388782 _____ (Thisisu) C:\Users\Pierre\Desktop\JRT.exe
2015-03-27 03:01 - 2015-03-27 03:01 - 00001619 _____ () C:\Users\Pierre\Desktop\adwcleaner.txt
2015-03-27 02:55 - 2015-03-27 02:59 - 00000000 ____D () C:\AdwCleaner
2015-03-27 02:54 - 2015-03-27 02:54 - 02168320 _____ () C:\Users\Pierre\Desktop\AdwCleaner_4.113.exe
2015-03-27 02:54 - 2015-03-27 02:54 - 00021928 _____ () C:\Users\Pierre\Desktop\mbam.txt
2015-03-27 02:36 - 2015-03-27 03:07 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-27 02:36 - 2015-03-27 02:36 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-27 02:36 - 2015-03-27 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-27 02:36 - 2015-03-27 02:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-27 02:36 - 2015-03-27 02:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-27 02:36 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-27 02:36 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-27 02:36 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-27 02:33 - 2015-03-27 02:33 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Pierre\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-26 06:09 - 2015-03-26 06:09 - 00243648 _____ () C:\Users\Pierre\Downloads\Firefox Setup Stub 36.0.4.exe
2015-03-26 06:09 - 2015-03-26 06:09 - 00001186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-26 06:09 - 2015-03-26 06:09 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-26 06:09 - 2015-03-26 06:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-26 06:04 - 2015-03-26 06:04 - 00002282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-26 06:04 - 2015-03-26 06:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-26 05:58 - 2015-03-27 02:59 - 00017406 _____ () C:\Windows\PFRO.log
2015-03-26 05:58 - 2015-03-27 02:59 - 00001044 _____ () C:\Windows\setupact.log
2015-03-26 05:58 - 2015-03-26 05:58 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-26 05:45 - 2015-03-27 03:12 - 00073728 ___SH () C:\Users\Pierre\Desktop\Thumbs.db
2015-03-26 05:20 - 2015-03-26 05:20 - 00035595 _____ () C:\Users\Pierre\Desktop\Addition.txt
2015-03-26 05:19 - 2015-03-27 03:12 - 00023974 _____ () C:\Users\Pierre\Desktop\FRST.txt
2015-03-26 05:19 - 2015-03-26 05:19 - 00001295 _____ () C:\Users\Pierre\Desktop\Revo Uninstaller.lnk
2015-03-26 05:19 - 2015-03-26 05:19 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-26 05:18 - 2015-03-27 03:12 - 00000000 ____D () C:\FRST
2015-03-26 05:18 - 2015-03-26 05:18 - 02095616 _____ (Farbar) C:\Users\Pierre\Desktop\FRST64.exe
2015-03-24 14:19 - 2015-03-24 14:25 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Opera Software
2015-03-24 14:19 - 2015-03-24 14:25 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Opera Software
2015-03-24 14:18 - 2015-03-24 14:25 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-24 13:40 - 2015-03-24 13:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2015-03-24 13:37 - 2015-03-24 13:40 - 00000000 ____D () C:\Windows\LastGood
2015-03-24 13:31 - 2012-06-27 09:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-03-24 13:31 - 2012-06-27 09:37 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2015-03-24 13:30 - 2015-03-24 13:30 - 00000000 ____D () C:\ProgramData\Samsung
2015-03-24 13:30 - 2015-03-24 13:30 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-03-24 13:28 - 2015-03-25 06:25 - 00000000 ____D () C:\Users\Pierre\Desktop\samsung n7100 neu
2015-03-22 16:06 - 2015-02-12 12:11 - 00000000 ____D () C:\Users\Pierre\Desktop\Bitdefender Total Security 2015 Build 18.20.0.1429 64bit
2015-03-20 08:57 - 2015-03-20 08:57 - 00000000 ____D () C:\Users\Pierre\Desktop\Lords Of Hardcore Vol.15
2015-03-20 08:56 - 2015-03-05 20:57 - 00000000 ____D () C:\Users\Pierre\Desktop\Hardcore Convention 2015
2015-03-20 08:51 - 2015-03-20 08:52 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-03-20 08:51 - 2015-03-20 08:51 - 00001195 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 15.lnk
2015-03-20 08:51 - 2015-03-20 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-03-20 08:51 - 2015-03-20 08:51 - 00000000 ____D () C:\Program Files (x86)\Ashampoo Burning Studio 15
2015-03-20 08:50 - 2015-03-20 08:50 - 230457467 _____ () C:\Users\Pierre\Desktop\Shampoo 15022.rar
2015-03-19 19:32 - 2015-03-19 19:32 - 00001182 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-03-19 19:32 - 2015-03-19 19:32 - 00001132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-03-19 19:32 - 2015-03-19 19:32 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Canneverbe Limited
2015-03-19 19:32 - 2015-03-19 19:32 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-03-19 19:32 - 2015-03-19 19:32 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-03-18 21:11 - 2015-03-13 16:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-18 21:10 - 2015-03-18 21:10 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-03-18 21:10 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-18 21:10 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00101576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-03-18 21:10 - 2015-03-13 20:41 - 00040136 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-03-18 18:28 - 2015-03-18 18:28 - 00000000 ____D () C:\Users\Pierre\.jordan
2015-03-17 22:17 - 2015-03-17 22:17 - 09541378 _____ () C:\Users\Pierre\Desktop\ennymorgan tasse.zip
2015-03-17 22:05 - 2015-03-17 22:05 - 186779852 _____ () C:\Users\Pierre\Desktop\enny-morgan Rahmen.psd
2015-03-17 19:21 - 2015-03-17 19:21 - 00000000 ____D () C:\Users\Pierre\Documents\My Games
2015-03-17 19:21 - 2015-03-17 19:21 - 00000000 ____D () C:\ProgramData\Steam
2015-03-17 19:21 - 2015-03-17 19:21 - 00000000 ____D () C:\ProgramData\Codemasters
2015-03-17 18:38 - 2015-03-17 18:38 - 00002201 _____ () C:\Users\Pierre\Desktop\GRID Autosport Limited Black Edition.lnk
2015-03-17 18:38 - 2015-03-17 18:38 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-17 18:35 - 2015-03-17 18:38 - 00000000 ____D () C:\Program Files (x86)\GRID Autosport Limited Black Edition
2015-03-16 22:55 - 2015-03-17 23:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-16 19:33 - 2015-03-20 08:52 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Ashampoo
2015-03-16 19:33 - 2015-03-16 19:33 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Ashampoo
2015-03-16 19:32 - 2015-03-16 19:32 - 00000000 ____D () C:\Program Files\BurningStudioPortable
2015-03-14 16:27 - 2015-03-14 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-03-14 16:27 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-03-14 16:26 - 2015-03-27 02:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-14 16:26 - 2015-03-14 16:29 - 00800440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-03-14 16:26 - 2015-03-14 16:29 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-03-14 16:26 - 2015-03-14 16:26 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-14 16:26 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-03-14 02:29 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-14 02:29 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-14 02:29 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-14 02:29 - 2015-02-07 00:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-14 02:29 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-14 02:29 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-14 02:29 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-14 02:29 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-14 02:29 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-14 02:29 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-14 02:29 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-14 02:29 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-14 02:29 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-14 02:29 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-14 02:29 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-14 02:27 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-14 02:27 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-14 02:27 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-14 02:27 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-14 02:27 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-14 02:27 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-14 02:27 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-14 02:27 - 2015-01-30 04:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-14 02:27 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-14 02:27 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-14 02:26 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-14 02:26 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-14 02:25 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-14 02:25 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-14 02:25 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-14 02:25 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-14 02:25 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-14 02:25 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-14 02:25 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-14 02:25 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-14 02:25 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-14 02:25 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-14 02:25 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-14 02:25 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-14 02:25 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-14 02:25 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-14 02:25 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-14 02:24 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-14 02:24 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-14 02:24 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-14 02:24 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-14 02:24 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-14 02:24 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-14 02:24 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-14 02:24 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-14 02:24 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-14 02:24 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-14 02:24 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-14 02:24 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-14 02:24 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-14 02:24 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-14 02:24 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-14 02:24 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-14 02:24 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-14 02:24 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-14 02:24 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-14 02:24 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-14 02:24 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-14 02:24 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-14 02:24 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-14 02:24 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-14 02:24 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-14 02:24 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-14 02:24 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-14 02:24 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-14 02:24 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-14 02:24 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-14 02:24 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-14 02:24 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-14 02:24 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-14 02:24 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-14 02:24 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-14 02:24 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-14 02:24 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-14 02:24 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-14 02:24 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-14 02:24 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-14 02:24 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-14 02:24 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-14 02:24 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-14 02:24 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-14 02:24 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-14 02:24 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-14 02:24 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-14 02:24 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-14 02:24 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-14 02:24 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-14 02:23 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-14 02:23 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-12 05:56 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-12 05:56 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-12 05:56 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-12 05:56 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-12 05:56 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-12 05:56 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-12 05:56 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-12 05:56 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-12 05:47 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 05:47 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-12 05:47 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-12 05:47 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-08 20:52 - 2015-03-16 16:08 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PW-PHOTOART-Pierre PW-PhotoArt
2015-03-07 20:07 - 2015-03-07 20:07 - 00000517 _____ () C:\Users\Pierre\Desktop\Photos (F) - Verknüpfung.lnk
2015-03-06 21:24 - 2015-03-08 20:51 - 00000000 ____D () C:\Program Files\Artensoft Photo Collage Maker
2015-03-06 21:23 - 2015-03-06 21:24 - 00000000 ___SD () C:\Users\Pierre\Desktop\Artensoft Photo Collage Maker 1.2.50
2015-03-06 21:19 - 2015-03-18 21:01 - 00000000 ____D () C:\Users\Pierre\Desktop\B-Day Collage
2015-03-05 15:36 - 2015-03-15 17:54 - 00000000 ____D () C:\Users\Pierre\Desktop\Morgan
2015-02-28 09:33 - 2015-02-28 09:34 - 00002162 ____H () C:\Windows\EPMBatch.ept
2015-02-28 01:57 - 2015-02-28 01:57 - 00001419 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 10.2.lnk
2015-02-28 01:57 - 2015-02-28 01:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2
2015-02-28 01:57 - 2015-02-28 01:57 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2015-02-28 01:57 - 2014-11-18 14:46 - 03384928 _____ () C:\Windows\system32\BootMan.exe
2015-02-28 01:57 - 2014-11-18 14:46 - 02502240 _____ () C:\Windows\SysWOW64\BootMan.exe
2015-02-28 01:57 - 2014-11-18 14:46 - 00021088 _____ () C:\Windows\SysWOW64\EuEpmGdi.dll
2015-02-28 01:57 - 2014-11-18 14:46 - 00017504 _____ () C:\Windows\system32\EuEpmGdi.dll
2015-02-28 01:57 - 2014-11-18 14:39 - 00018528 _____ () C:\Windows\system32\epmntdrv.sys
2015-02-28 01:57 - 2014-11-18 14:39 - 00014944 _____ () C:\Windows\SysWOW64\epmntdrv.sys
2015-02-28 01:57 - 2014-11-18 14:39 - 00010848 _____ () C:\Windows\system32\EuGdiDrv.sys
2015-02-28 01:57 - 2014-11-18 14:39 - 00010208 _____ () C:\Windows\SysWOW64\EuGdiDrv.sys
2015-02-28 01:57 - 2014-11-18 14:38 - 00101984 _____ () C:\Windows\system32\setupempdrvx64.exe
2015-02-28 01:57 - 2014-11-18 14:38 - 00088160 _____ () C:\Windows\SysWOW64\setupempdrv03.exe
2015-02-25 03:35 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 03:35 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\system32\locale.nls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 03:11 - 2015-02-03 21:32 - 01136449 _____ () C:\Windows\WindowsUpdate.log
2015-03-27 03:09 - 2015-01-17 20:46 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4038099733-1638177181-3844028860-1001
2015-03-27 03:06 - 2014-11-22 01:06 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 03:06 - 2014-11-22 00:19 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2015-03-27 03:06 - 2014-11-22 00:19 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2015-03-27 03:01 - 2015-01-17 21:11 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-03-27 03:00 - 2015-01-18 17:43 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 03:00 - 2015-01-17 21:41 - 00000000 ____D () C:\ProgramData\Origin
2015-03-27 02:59 - 2015-02-11 05:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-27 02:59 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 02:59 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-27 02:53 - 2015-01-18 17:43 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 02:52 - 2015-01-18 10:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 02:51 - 2015-01-17 21:41 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-27 02:35 - 2015-01-03 15:40 - 00000000 ____D () C:\Users\Pierre\Desktop\Tools
2015-03-27 02:24 - 2015-01-18 10:28 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Adobe
2015-03-27 02:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-26 06:04 - 2015-01-18 17:43 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Google
2015-03-26 05:58 - 2015-01-28 03:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 05:43 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Pierre\Desktop\Photo eBooks
2015-03-26 05:39 - 2015-01-03 15:42 - 00000000 ____D () C:\Users\Pierre\Desktop\Docs
2015-03-26 05:11 - 2015-01-20 19:19 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\vlc
2015-03-24 14:24 - 2015-01-17 20:41 - 00001465 _____ () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-24 06:01 - 2015-01-18 15:47 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-23 02:18 - 2015-01-17 22:40 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-23 02:18 - 2015-01-17 22:40 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-03-21 19:42 - 2015-01-18 15:48 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-18 21:11 - 2015-01-17 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-18 21:10 - 2015-01-17 20:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-18 18:28 - 2015-01-17 20:40 - 00000000 ____D () C:\Users\Pierre
2015-03-15 14:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-03-14 16:30 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-03-14 16:29 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-03-14 16:27 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-14 16:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-14 16:25 - 2015-01-17 22:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-14 14:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-14 14:24 - 2015-01-18 10:29 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-14 14:18 - 2013-08-22 15:44 - 05676136 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-14 10:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-14 03:52 - 2015-02-03 21:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-14 03:51 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-14 03:50 - 2015-02-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-14 03:44 - 2013-08-22 14:25 - 00000167 _____ () C:\Windows\win.ini
2015-03-14 03:43 - 2015-01-18 01:38 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-14 03:40 - 2015-01-18 01:38 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-13 20:41 - 2015-02-11 05:45 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-13 20:41 - 2015-02-11 05:45 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-13 20:41 - 2015-02-11 05:44 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 17:16 - 2015-02-11 05:45 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 17:16 - 2015-02-11 05:45 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 17:16 - 2015-02-11 05:45 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 17:16 - 2015-02-11 05:45 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 17:16 - 2015-02-11 05:45 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 17:16 - 2015-02-11 05:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-12 05:38 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-12 03:27 - 2015-02-03 21:24 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Microsoft Help
2015-03-11 14:10 - 2015-02-11 05:45 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-07 20:19 - 2015-01-17 20:41 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Adobe
2015-03-04 22:24 - 2014-11-22 08:40 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2014-11-22 08:40 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-03 14:17 - 2015-01-18 01:41 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-27 02:29 - 2015-01-25 23:30 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\FileZilla
2015-02-27 02:29 - 2015-01-19 16:04 - 00000000 ____D () C:\Windows\Minidump
2015-02-27 02:29 - 2015-01-18 18:57 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\TS3Client
2015-02-25 04:47 - 2015-01-17 22:08 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-25 03:29 - 2015-02-13 07:28 - 00001270 _____ () C:\Users\Public\Desktop\Battlefield 4 CTE.lnk
2015-02-25 03:29 - 2015-02-13 07:28 - 00001248 _____ () C:\Users\Public\Desktop\Battlefield 4 CTE(64 bit).lnk
==================== Files in the root of some directories =======
2015-01-25 22:38 - 2015-02-14 07:16 - 0000132 _____ () C:\Users\Pierre\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
Some content of TEMP:
====================
C:\Users\Pierre\AppData\Local\Temp\Quarantine.exe
C:\Users\Pierre\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-24 04:49
==================== End Of Log ============================
Thanks in advance.
P.S.: The links still keep opening at random ;-) though mbam blocks it every time.