mariomon11 | 19.11.2013 15:45 | Here you go, the
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Kiwi (administrator) on GAMER-PC on 19-11-2013 15:40:47
Running from C:\Users\Kiwi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Spotify Ltd) C:\Users\Kiwi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nexon Korea Corp.) C:\Nexon\NexonPlug\NexonPlug.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
() C:\Program Files (x86)\Trust Gaming Mouse\Mouse.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ppy) C:\Program Files (x86)\osu!\osu!.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Scan\Engine\4.0.3.24\NSS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Farbar) C:\Users\Kiwi\Desktop\FRST64 (3).exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2011-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-05-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [6199128 2012-05-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-21] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-01] ()
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [Spotify] - C:\Users\Kiwi\AppData\Roaming\Spotify\spotify.exe [4643328 2013-06-23] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Kiwi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-23] (Spotify Ltd)
HKCU\...\Run: [NexonPlug] - C:\Nexon\NexonPlug\NexonPlug.exe [2120024 2013-10-16] (Nexon Korea Corp.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-05-21] (Lenovo)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Trust Gaming Mouse] - C:\Program Files (x86)\Trust Gaming Mouse\Mouse.exe [2245632 2011-01-17] ()
HKLM-x32\...\Run: [TQ566808] - "F:\Setup.exe"
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2420248 2013-11-14] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-08-08] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\SWTOOLS\SimpleTap DeskBand\ShowBand.exe /show
HKU\UpdatusUser\...\Run: [Power2GoExpress] - NA
AppInit_DLLs: C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1952224 2013-10-22] ()
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.nexon.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (SiteAdvisor) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1
CHR Extension: (Google Docs) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (FrankerFaceZ) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb\1.40_0
CHR Extension: (SiteAdvisor) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1
CHR Extension: (Auto Replay for YouTube) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0
CHR Extension: (Auto HD For YouTube\u2122) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\5.24_0
CHR Extension: (AVG Secure Search) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0
CHR Extension: (Pokemon Red) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkgicmllgmdcfmfpjmkaoepfikefmlh\1_0
CHR Extension: (Google Wallet) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.1.2.1\avg.crx
==================== Services (Whitelisted) =================
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-02-13] (Lenovo (Beijing) Limited)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [101048 2011-02-16] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5127200 2013-05-26] (INCA Internet Co., Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
R2 vToolbarUpdater17.1.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680 2013-11-14] (AVG Secure Search)
==================== Drivers (Whitelisted) ====================
S3 ActionReplayDS; C:\Windows\System32\Drivers\ActionReplayDS_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-21] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [147768 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-11-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-05-04] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-05-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-05-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-14] (AVG Technologies)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R1 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-10] (Lenovo)
R1 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-19 15:40 - 2013-11-19 15:40 - 00024532 _____ C:\Users\Kiwi\Desktop\FRST.txt
2013-11-19 15:39 - 2013-11-19 15:39 - 01957964 _____ (Farbar) C:\Users\Kiwi\Desktop\FRST64 (3).exe
2013-11-19 15:37 - 2013-11-19 15:37 - 00003630 _____ C:\Windows\System32\Tasks\Norton Security Scan for Kiwi
2013-11-19 15:37 - 2013-11-19 15:37 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for Kiwi.job
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Symantec
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Norton
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2013-11-19 15:35 - 2013-11-19 15:35 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Vorlagen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Startmenü
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Netzwerkumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Lokale Einstellungen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Eigene Dateien
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Druckumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Musik
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Bilder
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Verlauf
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Anwendungsdaten
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Anwendungsdaten
2013-11-19 15:35 - 2013-05-09 13:56 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\TuneUp Software
2013-11-19 15:35 - 2012-05-21 19:03 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2013-11-19 15:35 - 2012-05-21 19:02 - 00002115 _____ C:\Users\TEMP\Desktop\OneKey Recovery.lnk
2013-11-19 15:35 - 2012-05-21 19:02 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-19 15:35 - 2012-05-21 18:57 - 00001151 _____ C:\Users\TEMP\Desktop\Cyberlink Power2Go.lnk
2013-11-19 15:35 - 2010-12-19 06:31 - 00000189 _____ C:\Users\TEMP\Desktop\Lenovo Telephony Start Now.url
2013-11-19 15:35 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-19 15:35 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-18 17:37 - 2013-11-18 17:37 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Kiwi\Downloads\Shockwave_Installer_Slim (1).exe
2013-11-17 13:45 - 2013-11-17 13:45 - 00985600 _____ C:\Users\Kiwi\Downloads\MicrosoftFixit50123.msi
2013-11-17 11:48 - 2013-11-17 11:49 - 00000000 ___SD C:\uninstall.exe
2013-11-17 11:36 - 2013-11-19 00:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-17 11:36 - 2013-11-17 11:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-17 11:36 - 2013-11-17 11:36 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-17 11:36 - 2013-11-17 11:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-17 11:36 - 2013-11-17 11:36 - 00000000 ____D C:\Windows\system32\Macromed
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Secunia PSI
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-17 11:26 - 2013-11-04 13:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-17 11:18 - 2013-11-17 11:18 - 03865488 _____ (Secunia) C:\Users\Kiwi\Downloads\PSI9015Setup.exe
2013-11-17 11:16 - 2013-11-17 11:16 - 00000000 ____D C:\a2df232b4d27f48767d2b7
2013-11-16 17:53 - 2013-11-16 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-11-16 12:29 - 2013-11-16 12:30 - 43386880 _____ C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.gz
2013-11-16 12:27 - 2013-11-16 12:27 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64 (1).exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-16 12:25 - 2013-11-16 12:25 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 12:24 - 2013-11-16 12:24 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.exe
2013-11-16 12:22 - 2013-11-16 12:22 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45 (1).exe
2013-11-16 12:17 - 2013-11-16 12:17 - 00000000 ____D C:\Users\Kiwi\Documents\Adobe Application Manager 7.0
2013-11-16 12:15 - 2013-11-16 12:16 - 65088528 _____ (Adobe Systems Incorporated) C:\Users\Kiwi\Downloads\ApplicationManager7.0_all.exe
2013-11-16 12:05 - 2013-11-16 12:05 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45.exe
2013-11-16 11:27 - 2013-11-16 11:27 - 01550496 _____ (Skype Technologies S.A.) C:\Users\Kiwi\Downloads\SkypeSetup.exe
2013-11-16 11:27 - 2013-11-16 11:27 - 00002727 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-16 11:27 - 2013-11-16 11:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-15 13:57 - 2013-11-17 11:47 - 00000000 ____D C:\Users\Kiwi\Desktop\Alles von antivirus kram
2013-11-15 13:20 - 2013-11-15 13:20 - 01957794 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (2).exe
2013-11-15 13:04 - 2013-11-15 13:04 - 00891184 _____ C:\Users\Kiwi\Downloads\SecurityCheck.exe
2013-11-15 12:47 - 2013-11-15 12:48 - 02347384 _____ (ESET) C:\Users\Kiwi\Downloads\esetsmartinstaller_enu.exe
2013-11-14 19:29 - 2013-11-14 19:29 - 00000000 ____D C:\Windows\ERUNT
2013-11-14 19:28 - 2013-11-14 19:28 - 01034531 _____ (Thisisu) C:\Users\Kiwi\Downloads\JRT.exe
2013-11-14 15:53 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 15:53 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 15:53 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 15:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 15:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 15:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 15:50 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 15:50 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 15:50 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 15:50 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 15:50 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 15:50 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 15:50 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (2).exe
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (1).exe
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-14 15:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-14 15:27 - 2013-11-14 15:27 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kiwi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-14 15:25 - 2013-11-14 15:25 - 05145576 _____ (Swearware) C:\Users\Kiwi\Downloads\ComboFix.exe
2013-11-13 17:58 - 2013-11-13 17:58 - 01957610 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (1).exe
2013-11-12 13:54 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-12 13:54 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-12 13:54 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-12 13:50 - 2013-11-12 13:53 - 00000000 ____D C:\Qoobox
2013-11-12 13:45 - 2013-11-12 13:45 - 00000000 ____D C:\Windows\erdnt
2013-11-11 20:06 - 2013-11-11 20:06 - 00000000 ____D C:\FRST
2013-11-11 20:03 - 2013-11-11 20:03 - 01957590 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00377856 _____ C:\Users\Kiwi\Downloads\gmer_2.1.19163.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00050477 _____ C:\Users\Kiwi\Downloads\Defogger.exe
2013-11-11 19:48 - 2013-11-17 11:11 - 00000000 ____D C:\AdwCleaner
2013-11-11 19:47 - 2013-11-11 19:47 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner.exe
2013-11-11 18:37 - 2013-11-11 19:23 - 00001908 _____ C:\Windows\diagwrn.xml
2013-11-11 18:37 - 2013-11-11 19:23 - 00001908 _____ C:\Windows\diagerr.xml
2013-11-11 18:37 - 2013-11-11 18:57 - 00000000 ____D C:\$WINDOWS.~BT
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 17:39 - 2013-11-04 19:19 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 17:39 - 2013-11-04 19:19 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:38 - 2013-11-04 17:38 - 04424240 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_avct_stb_all_2014_4116_cm10.exe
2013-11-03 18:26 - 2013-11-03 18:26 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgfwd6a.sys
2013-11-03 18:22 - 2013-11-03 18:22 - 04436536 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_isct_stb_all_2014_4158.exe
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-02 21:40 - 2013-11-03 14:09 - 00000165 _____ C:\Users\Kiwi\Desktop\tembild.txt
2013-10-29 21:18 - 2013-10-29 21:18 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-24 19:18 - 2013-11-17 01:59 - 00002003 _____ C:\Users\Kiwi\Desktop\cooki.txt
2013-10-23 17:49 - 2013-10-23 17:49 - 00837410 _____ C:\Users\Kiwi\Downloads\117826 Duca - Welcome Berry's (1).osz
2013-10-22 02:11 - 2013-10-22 02:16 - 258366720 _____ (NVIDIA Corporation) C:\Users\Kiwi\Downloads\331.58-notebook-win8-win7-64bit-international-whql.exe
2013-10-21 20:47 - 2013-10-21 20:47 - 00001290 _____ C:\Users\Kiwi\Desktop\MineLaunchSP - Verknüpfung.lnk
2013-10-21 20:45 - 2013-10-21 20:45 - 00000000 ____D C:\Users\Kiwi\Desktop\minecraft
2013-10-21 18:39 - 2013-10-21 18:39 - 00000000 ____D C:\Users\Kiwi\Downloads\mc152-mods (1)
2013-10-21 18:20 - 2013-10-21 18:38 - 544515098 _____ C:\Users\Kiwi\Downloads\mc152-mods (1).zip
2013-10-21 18:08 - 2013-10-21 18:14 - 172932726 _____ C:\Users\Kiwi\Downloads\mc152-mods.zip
==================== One Month Modified Files and Folders =======
2013-11-19 15:43 - 2013-01-01 03:03 - 00000000 ____D C:\Users\Kiwi\AppData\Local\PMB Files
2013-11-19 15:42 - 2013-11-19 15:40 - 00024532 _____ C:\Users\Kiwi\Desktop\FRST.txt
2013-11-19 15:40 - 2012-12-31 12:54 - 00000000 ____D C:\Program Files (x86)\osu!
2013-11-19 15:39 - 2013-11-19 15:39 - 01957964 _____ (Farbar) C:\Users\Kiwi\Desktop\FRST64 (3).exe
2013-11-19 15:38 - 2012-12-31 12:48 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Skype
2013-11-19 15:37 - 2013-11-19 15:37 - 00003630 _____ C:\Windows\System32\Tasks\Norton Security Scan for Kiwi
2013-11-19 15:37 - 2013-11-19 15:37 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for Kiwi.job
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Symantec
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Norton
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2013-11-19 15:35 - 2013-11-19 15:35 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Vorlagen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Startmenü
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Netzwerkumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Lokale Einstellungen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Eigene Dateien
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Druckumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Musik
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Bilder
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Verlauf
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Anwendungsdaten
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Anwendungsdaten
2013-11-19 15:35 - 2013-04-13 17:06 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Spotify
2013-11-19 15:32 - 2013-01-27 17:00 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-19 15:32 - 1601-01-02 05:16 - 00250299 _____ C:\Windows\system32\fastboot.set
2013-11-19 15:31 - 2012-05-21 19:01 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-19 15:28 - 1601-01-02 05:16 - 00001117 _____ C:\Windows\setupact.log
2013-11-19 15:28 - 1601-01-02 05:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 00:25 - 2012-05-21 18:17 - 01764577 _____ C:\Windows\WindowsUpdate.log
2013-11-19 00:21 - 2013-11-17 11:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 23:46 - 2012-05-21 19:01 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 17:37 - 2013-11-18 17:37 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Kiwi\Downloads\Shockwave_Installer_Slim (1).exe
2013-11-18 17:37 - 2013-01-01 03:36 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-11-17 13:45 - 2013-11-17 13:45 - 00985600 _____ C:\Users\Kiwi\Downloads\MicrosoftFixit50123.msi
2013-11-17 12:12 - 2013-06-27 10:57 - 00449148 _____ C:\Windows\PFRO.log
2013-11-17 11:49 - 2013-11-17 11:48 - 00000000 ___SD C:\uninstall.exe
2013-11-17 11:47 - 2013-11-15 13:57 - 00000000 ____D C:\Users\Kiwi\Desktop\Alles von antivirus kram
2013-11-17 11:41 - 2013-08-02 21:27 - 00000000 ____D C:\Users\Kiwi\Desktop\Neuer Ordner (2)
2013-11-17 11:40 - 2012-12-31 12:47 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Adobe
2013-11-17 11:36 - 2013-11-17 11:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-17 11:36 - 2013-11-17 11:36 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-17 11:36 - 2013-11-17 11:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-17 11:36 - 2013-11-17 11:36 - 00000000 ____D C:\Windows\system32\Macromed
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Secunia PSI
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-17 11:18 - 2013-11-17 11:18 - 03865488 _____ (Secunia) C:\Users\Kiwi\Downloads\PSI9015Setup.exe
2013-11-17 11:16 - 2013-11-17 11:16 - 00000000 ____D C:\a2df232b4d27f48767d2b7
2013-11-17 11:11 - 2013-11-11 19:48 - 00000000 ____D C:\AdwCleaner
2013-11-17 01:59 - 2013-10-24 19:18 - 00002003 _____ C:\Users\Kiwi\Desktop\cooki.txt
2013-11-16 17:53 - 2013-11-16 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-11-16 12:30 - 2013-11-16 12:29 - 43386880 _____ C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.gz
2013-11-16 12:28 - 2013-01-10 11:38 - 00000000 ____D C:\Program Files\Java
2013-11-16 12:27 - 2013-11-16 12:27 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64 (1).exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-16 12:25 - 2013-11-16 12:25 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 12:24 - 2013-11-16 12:24 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.exe
2013-11-16 12:22 - 2013-11-16 12:22 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45 (1).exe
2013-11-16 12:22 - 2013-01-10 11:41 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-16 12:17 - 2013-11-16 12:17 - 00000000 ____D C:\Users\Kiwi\Documents\Adobe Application Manager 7.0
2013-11-16 12:16 - 2013-11-16 12:15 - 65088528 _____ (Adobe Systems Incorporated) C:\Users\Kiwi\Downloads\ApplicationManager7.0_all.exe
2013-11-16 12:05 - 2013-11-16 12:05 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45.exe
2013-11-16 11:28 - 2012-12-31 12:48 - 00000000 ____D C:\ProgramData\Skype
2013-11-16 11:27 - 2013-11-16 11:27 - 01550496 _____ (Skype Technologies S.A.) C:\Users\Kiwi\Downloads\SkypeSetup.exe
2013-11-16 11:27 - 2013-11-16 11:27 - 00002727 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-16 11:27 - 2013-11-16 11:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-15 18:14 - 2012-12-31 13:05 - 00000000 ____D C:\Users\Kiwi\Desktop\Bilder Undso
2013-11-15 13:20 - 2013-11-15 13:20 - 01957794 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (2).exe
2013-11-15 13:04 - 2013-11-15 13:04 - 00891184 _____ C:\Users\Kiwi\Downloads\SecurityCheck.exe
2013-11-15 12:53 - 1601-01-02 05:16 - 01672852 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-15 12:53 - 1601-01-02 05:16 - 00727118 _____ C:\Windows\system32\perfh007.dat
2013-11-15 12:53 - 1601-01-02 05:16 - 00158012 _____ C:\Windows\system32\perfc007.dat
2013-11-15 12:48 - 2013-11-15 12:47 - 02347384 _____ (ESET) C:\Users\Kiwi\Downloads\esetsmartinstaller_enu.exe
2013-11-14 20:03 - 2013-07-27 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 20:00 - 1601-01-02 05:16 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 19:29 - 2013-11-14 19:29 - 00000000 ____D C:\Windows\ERUNT
2013-11-14 19:28 - 2013-11-14 19:28 - 01034531 _____ (Thisisu) C:\Users\Kiwi\Downloads\JRT.exe
2013-11-14 18:26 - 2013-09-25 17:01 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2013-11-14 18:26 - 1601-01-02 05:16 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (2).exe
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (1).exe
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-14 15:27 - 2013-11-14 15:27 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kiwi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-14 15:25 - 2013-11-14 15:25 - 05145576 _____ (Swearware) C:\Users\Kiwi\Downloads\ComboFix.exe
2013-11-13 17:58 - 2013-11-13 17:58 - 01957610 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (1).exe
2013-11-12 13:53 - 2013-11-12 13:50 - 00000000 ____D C:\Qoobox
2013-11-12 13:45 - 2013-11-12 13:45 - 00000000 ____D C:\Windows\erdnt
2013-11-11 20:06 - 2013-11-11 20:06 - 00000000 ____D C:\FRST
2013-11-11 20:03 - 2013-11-11 20:03 - 01957590 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00377856 _____ C:\Users\Kiwi\Downloads\gmer_2.1.19163.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00050477 _____ C:\Users\Kiwi\Downloads\Defogger.exe
2013-11-11 19:47 - 2013-11-11 19:47 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner.exe
2013-11-11 19:30 - 2009-07-14 05:45 - 00316560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-11 19:23 - 2013-11-11 18:37 - 00001908 _____ C:\Windows\diagwrn.xml
2013-11-11 19:23 - 2013-11-11 18:37 - 00001908 _____ C:\Windows\diagerr.xml
2013-11-11 19:20 - 1601-01-02 05:16 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 18:57 - 2013-11-11 18:37 - 00000000 ____D C:\$WINDOWS.~BT
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 19:19 - 2013-11-04 17:39 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 19:19 - 2013-11-04 17:39 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:38 - 2013-11-04 17:38 - 04424240 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_avct_stb_all_2014_4116_cm10.exe
2013-11-04 13:42 - 2013-11-17 11:26 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-03 18:26 - 2013-11-03 18:26 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgfwd6a.sys
2013-11-03 18:22 - 2013-11-03 18:22 - 04436536 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_isct_stb_all_2014_4158.exe
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 14:09 - 2013-11-02 21:40 - 00000165 _____ C:\Users\Kiwi\Desktop\tembild.txt
2013-11-03 14:08 - 2013-09-25 17:00 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-02 19:05 - 2013-06-02 00:13 - 00001507 _____ C:\Users\Kiwi\Desktop\Neues Textdokument.txt
2013-10-31 21:53 - 2012-09-15 17:02 - 00000000 ___RD C:\Users\Kiwi\Desktop\.
2013-10-29 21:18 - 2013-10-29 21:18 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-28 04:28 - 2013-01-01 03:03 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-23 17:49 - 2013-10-23 17:49 - 00837410 _____ C:\Users\Kiwi\Downloads\117826 Duca - Welcome Berry's (1).osz
2013-10-22 02:16 - 2013-10-22 02:11 - 258366720 _____ (NVIDIA Corporation) C:\Users\Kiwi\Downloads\331.58-notebook-win8-win7-64bit-international-whql.exe
2013-10-22 02:03 - 2013-07-13 10:41 - 00039139 _____ C:\Windows\IE10_main.log
2013-10-22 02:03 - 2013-07-13 10:41 - 00039139 _____ C:\Windows\IE10_main.log
2013-10-21 20:47 - 2013-10-21 20:47 - 00001290 _____ C:\Users\Kiwi\Desktop\MineLaunchSP - Verknüpfung.lnk
2013-10-21 20:45 - 2013-10-21 20:45 - 00000000 ____D C:\Users\Kiwi\Desktop\minecraft
2013-10-21 19:43 - 1601-01-02 05:16 - 548703693 _____ C:\Users\Kiwi\Desktop\minecraft.rar
2013-10-21 18:39 - 2013-10-21 18:39 - 00000000 ____D C:\Users\Kiwi\Downloads\mc152-mods (1)
2013-10-21 18:38 - 2013-10-21 18:20 - 544515098 _____ C:\Users\Kiwi\Downloads\mc152-mods (1).zip
2013-10-21 18:14 - 2013-10-21 18:08 - 172932726 _____ C:\Users\Kiwi\Downloads\mc152-mods.zip
2013-10-21 17:59 - 2013-07-18 20:59 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\.minecraft
Some content of TEMP:
====================
C:\Users\Kiwi\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-26 17:39
==================== End Of Log ============================