Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.10.18.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Cedric :: CEDRIC-PC [Administrator]
Schutz: Aktiviert
18.10.2013 20:06:29
mbam-log-2013-10-18 (20-06-29).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 559779
Laufzeit: 1 Stunde(n), 29 Minute(n), 5 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {FBEAD7F6-C7A5-11E0-9E60-F46D043E677D} -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 3
C:\AdwCleaner\Quarantine\C\Users\Cedric\AppData\Local\Temp\OCS\ocs_v7d.exe.vir (PUP.Optional.DownloadSponsor.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\Downloads\FlvPlayerSetup.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\Downloads\SoftonicDownloader_fuer_world-of-warcraft-gatherer.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
AdwCleaner Logfile:
Code:
# AdwCleaner v3.008 - Bericht erstellt am 18/10/2013 um 19:42:14
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Cedric - CEDRIC-PC
# Gestartet von : C:\Users\Cedric\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\Mein Gutscheincode Finder
Ordner Gelöscht : C:\Users\Cedric\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Cedric\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Cedric\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\Extensions\toolbar@ask.com
Datei Gelöscht : C:\Users\Cedric\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\invalidprefs.js
Datei Gelöscht : C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_world-of-warcraft-gatherer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_world-of-warcraft-gatherer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16720
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
-\\ Mozilla Firefox v12.0 (de)
[ Datei : C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://mystart.incredimail.com/mb68?u=92823239343014025");
-\\ Google Chrome v
[ Datei : C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
*************************
AdwCleaner[R0].txt - [10078 octets] - [18/10/2013 19:33:04]
AdwCleaner[S0].txt - [8491 octets] - [18/10/2013 19:42:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8551 octets] ##########
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v3.008 - Bericht erstellt am 18/10/2013 um 19:51:10
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Cedric - CEDRIC-PC
# Gestartet von : C:\Users\Cedric\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Mozilla Firefox v12.0 (de)
[ Datei : C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [10078 octets] - [18/10/2013 19:33:04]
AdwCleaner[R1].txt - [1039 octets] - [18/10/2013 19:49:48]
AdwCleaner[S0].txt - [8675 octets] - [18/10/2013 19:42:14]
AdwCleaner[S1].txt - [962 octets] - [18/10/2013 19:51:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1021 octets] ##########
--- --- ---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Cedric on 18.10.2013 at 21:44:21,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4045075974-3412579544-3843023296-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4045075974-3412579544-3843023296-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C0A42898-FF5C-4D4C-A8E4-7285633E5A4A}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ FireFox
Emptied folder: C:\Users\Cedric\AppData\Roaming\mozilla\firefox\profiles\sx7pq9ou.default\minidumps [13 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Cedric\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.10.2013 at 21:49:11,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Cedric (administrator) on CEDRIC-PC on 18-10-2013 21:40:58
Running from C:\Users\Cedric\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Cedric\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Cedric\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Cedric\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-13] (Google Inc.)
HKCU\...\Run: [Steam] - D:\Program Files (x86)\Steam\steam.exe [1813928 2013-10-09] (Valve Corporation)
HKCU\...\Run: [Afflicted.3.3.5.exe] - C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Templates\Afflicted.3.3.5.exe
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Cedric\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [FreeAC] - C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1328976 2012-04-25] (Comfort Software Group)
MountPoints2: {c5c332ca-c293-11e0-8adc-806e6f6e6963} - E:\KOCHSTARTER.EXE
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.kiebel.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://syb.msn.com
URLSearchHook: (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File
SearchScopes: HKLM - DefaultScope {F7B3FCBA-696D-41F0-9076-E3DE879E8AE3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSBTDF&pc=MASB&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKCU - {C0A42898-FF5C-4D4C-A8E4-7285633E5A4A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=40DD5461-3976-4E75-A3E1-438EBA5B9A68&apn_sauid=14786285-152F-4A52-8193-60F65391512E
SearchScopes: HKCU - {F7B3FCBA-696D-41F0-9076-E3DE879E8AE3} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{EA9FFED0-C8E4-4FB1-B965-88F46CF45362}: [NameServer]192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cedric\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cedric\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\Extensions\amazon-icon@winload.de
FF Extension: pricealarm - C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: groovesharkUnlocker - C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\Extensions\groovesharkUnlocker@overlord1337.xpi
FF Extension: No Name - C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\sx7pq9ou.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.youtube.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Cedric\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cedric\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Cedric\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Cedric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Grooveshark Germany unlocker) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0
CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob\0.3.3_0
CHR Extension: () - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR Extension: (AdBlock) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\3.0.9_0
CHR Extension: (Amazon-Icon) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg\1.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Cedric\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Cedric\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-20] (Akamai Technologies, Inc.)
R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2746704 2013-10-01] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-22] ()
S3 xsherlock; C:\Windows\SysWow64\xsherlock.xem [666720 2012-09-20] (Wellbia.com Co., Ltd.)
==================== Drivers (Whitelisted) ====================
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-15] (Anchorfree Inc.)
S2 SVKP; \??\C:\Windows\system32\SVKP.sys [x]
S3 X6va005; \??\C:\Users\Cedric\AppData\Local\Temp\005758F.tmp [x]
S3 X6va007; \??\C:\Users\Cedric\AppData\Local\Temp\007A9C0.tmp [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-18 19:53 - 2013-10-18 19:53 - 00001101 _____ C:\Users\Cedric\Desktop\AdwCleaner[S1].txt
2013-10-18 19:47 - 2013-10-18 19:47 - 00008675 _____ C:\Users\Cedric\Desktop\AdwCleaner[S0].txt
2013-10-18 19:38 - 2013-10-18 19:38 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 19:29 - 2013-10-18 19:51 - 00000000 ____D C:\AdwCleaner
2013-10-18 19:29 - 2013-10-18 19:29 - 01050644 _____ C:\Users\Cedric\Downloads\adwcleaner.exe
2013-10-18 19:29 - 2013-10-18 19:29 - 01033335 _____ (Thisisu) C:\Users\Cedric\Downloads\JRT.exe
2013-10-18 19:29 - 2013-10-18 19:29 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-18 19:29 - 2013-10-18 19:29 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Malwarebytes
2013-10-18 19:29 - 2013-10-18 19:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-18 19:29 - 2013-10-18 19:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-18 19:29 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-18 19:27 - 2013-10-18 19:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Cedric\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-17 19:26 - 2013-10-17 19:27 - 00022981 _____ C:\Users\Cedric\Downloads\Addition.txt
2013-10-17 19:25 - 2013-10-17 19:25 - 00000000 ____D C:\FRST
2013-10-17 19:23 - 2013-10-17 19:23 - 01954124 _____ (Farbar) C:\Users\Cedric\Downloads\FRST64.exe
2013-10-16 19:10 - 2013-10-16 19:10 - 00000000 ____D C:\Users\Cedric\ChromeExtensions
2013-10-16 19:10 - 2013-10-16 19:10 - 00000000 ____D C:\Users\Cedric\AppData\Local\Tempfccdedb359dfb0cc5879b144d34777b1
2013-10-16 19:10 - 2013-10-16 19:10 - 00000000 ____D C:\Users\Cedric\AppData\Local\Temp52b5c731f15377fa711d13d681f1547e
2013-10-15 00:02 - 2013-10-15 00:02 - 00004684 _____ C:\Users\Cedric\.recently-used.xbel
2013-10-12 15:55 - 2013-10-12 15:55 - 00000220 _____ C:\Users\Cedric\Desktop\Sid Meier's Civilization V.url
2013-10-10 03:11 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 03:11 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 03:11 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 03:11 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 03:11 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 03:11 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 03:11 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 03:11 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 03:11 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 03:11 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 03:11 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 03:11 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 20:00 - 2013-10-09 20:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-09 12:22 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 12:22 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 12:22 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 12:22 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 12:22 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 12:22 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 12:22 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 12:22 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 12:22 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 12:22 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 12:22 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 12:22 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 12:22 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 12:22 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 12:22 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 12:22 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 12:21 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 12:21 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 12:21 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 12:21 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 12:21 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 12:21 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 12:21 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 12:21 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 12:21 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 12:21 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 12:21 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 12:21 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 12:21 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 12:21 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 12:21 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 12:21 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 12:21 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 12:21 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 12:21 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 12:21 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 12:21 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 12:21 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 12:21 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 12:21 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 12:21 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 12:21 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 12:21 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 12:21 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 12:21 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 12:21 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 12:21 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 12:21 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 12:21 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 12:21 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 12:21 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 12:21 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 10:05 - 2013-10-09 10:05 - 00000000 ____D C:\Users\Cedric\AppData\Local\LogMeIn
2013-10-09 10:05 - 2013-10-09 10:05 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-06 22:04 - 2013-09-12 10:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-06 22:04 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-06 22:04 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-06 22:04 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-06 22:04 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-06 21:52 - 2013-10-06 21:52 - 00001351 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-10-06 21:52 - 2013-10-06 21:52 - 00000000 ____D C:\Users\Cedric\AppData\Local\NVIDIA
2013-10-06 21:45 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-06 21:45 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-06 21:45 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-06 21:37 - 2013-10-06 21:37 - 22321072 _____ (NVIDIA Corporation) C:\Users\Cedric\Downloads\GeForce_Experience_v1.6.1.0.exe
2013-10-06 21:36 - 2013-10-06 21:42 - 00000000 ____D C:\Users\Cedric\Documents\Battlefield 4
2013-10-06 21:35 - 2013-10-06 21:35 - 00000000 ____D C:\Users\Cedric\AppData\Local\ESN
2013-10-06 21:17 - 2013-10-06 21:17 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-10-06 20:43 - 2013-10-06 20:43 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-06 17:48 - 2013-10-08 10:57 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Origin
2013-10-06 17:44 - 2013-10-10 15:42 - 00000000 ____D C:\ProgramData\Origin
2013-10-06 17:39 - 2013-10-06 17:40 - 16952576 _____ (Electronic Arts, Inc.) C:\Users\Cedric\Downloads\OriginThinSetup.exe
2013-10-03 19:22 - 2013-10-04 10:55 - 00000000 ____D C:\Users\Cedric\AppData\Local\fabi.me
2013-10-03 19:16 - 2013-10-18 20:40 - 00000000 ____D C:\Users\Cedric\Downloads\SpeedAutoClicker (1)
2013-10-03 19:15 - 2013-10-03 19:15 - 00094899 _____ C:\Users\Cedric\Downloads\SpeedAutoClicker (1).zip
2013-10-03 18:52 - 2013-10-03 18:52 - 01197968 _____ (AutomaticSolution Software ) C:\Users\Cedric\Downloads\ReMouseStandard-Setup.exe
2013-10-03 18:45 - 2013-10-03 18:45 - 00094899 _____ C:\Users\Cedric\Downloads\SpeedAutoClicker.zip
2013-10-03 18:40 - 2013-10-04 10:53 - 00000000 ____D C:\Users\Cedric\Documents\AutomaticSolution Software
2013-10-03 18:40 - 2013-10-03 18:55 - 00000000 ____D C:\Program Files (x86)\GhostMouse
2013-10-03 18:39 - 2013-10-03 18:39 - 00910736 _____ (ghost-mouse.com ) C:\Users\Cedric\Downloads\GhostMouse321-Setup.exe
2013-10-01 21:28 - 2013-10-01 21:28 - 00000000 ____D C:\Users\Cedric\AppData\Local\Blizzard Entertainment
2013-09-28 18:35 - 2013-10-18 19:31 - 00004411 _____ C:\Users\Cedric\Desktop\cookieclicker.txt
2013-09-26 19:41 - 2013-09-26 19:41 - 00000000 ____D C:\Users\Cedric\AppData\Local\{516AD885-89AA-45B5-BB00-055B0F40B655}
2013-09-22 01:44 - 2013-09-22 01:50 - 00000807 _____ C:\Users\Cedric\Desktop\unserlolgedicht.txt
2013-09-21 16:39 - 2013-09-21 16:39 - 00000221 _____ C:\Users\Cedric\Desktop\LIMBO.url
==================== One Month Modified Files and Folders =======
2013-10-18 21:40 - 2011-08-14 03:02 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Skype
2013-10-18 21:39 - 2012-02-18 13:52 - 00000000 ____D C:\Users\Cedric\AppData\Local\LogMeIn Hamachi
2013-10-18 21:38 - 2011-10-15 03:05 - 00052882 _____ C:\Windows\setupact.log
2013-10-18 21:38 - 2011-08-12 18:32 - 02033809 _____ C:\Windows\WindowsUpdate.log
2013-10-18 21:38 - 2011-08-09 16:00 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-18 21:38 - 2010-11-21 05:47 - 00033958 _____ C:\Windows\PFRO.log
2013-10-18 21:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-18 21:20 - 2011-08-13 16:22 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4045075974-3412579544-3843023296-1001UA.job
2013-10-18 20:46 - 2012-05-06 22:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-18 20:40 - 2013-10-03 19:16 - 00000000 ____D C:\Users\Cedric\Downloads\SpeedAutoClicker (1)
2013-10-18 19:59 - 2009-07-14 06:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-18 19:59 - 2009-07-14 06:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-18 19:53 - 2013-10-18 19:53 - 00001101 _____ C:\Users\Cedric\Desktop\AdwCleaner[S1].txt
2013-10-18 19:51 - 2013-10-18 19:29 - 00000000 ____D C:\AdwCleaner
2013-10-18 19:47 - 2013-10-18 19:47 - 00008675 _____ C:\Users\Cedric\Desktop\AdwCleaner[S0].txt
2013-10-18 19:42 - 2011-08-12 18:33 - 00000000 ___RD C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-18 19:38 - 2013-10-18 19:38 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 19:31 - 2013-09-28 18:35 - 00004411 _____ C:\Users\Cedric\Desktop\cookieclicker.txt
2013-10-18 19:31 - 2012-07-03 23:22 - 00000000 ____D C:\Users\Cedric\AppData\Local\PMB Files
2013-10-18 19:31 - 2012-07-03 23:22 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-18 19:29 - 2013-10-18 19:29 - 01050644 _____ C:\Users\Cedric\Downloads\adwcleaner.exe
2013-10-18 19:29 - 2013-10-18 19:29 - 01033335 _____ (Thisisu) C:\Users\Cedric\Downloads\JRT.exe
2013-10-18 19:29 - 2013-10-18 19:29 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-18 19:29 - 2013-10-18 19:29 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Malwarebytes
2013-10-18 19:29 - 2013-10-18 19:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-18 19:29 - 2013-10-18 19:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-18 19:28 - 2013-10-18 19:27 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Cedric\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-18 16:48 - 2013-05-26 17:15 - 00002414 _____ C:\Users\Cedric\Desktop\LoL-Ingame.lnk
2013-10-18 11:20 - 2011-08-13 16:22 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4045075974-3412579544-3843023296-1001Core.job
2013-10-17 19:27 - 2013-10-17 19:26 - 00022981 _____ C:\Users\Cedric\Downloads\Addition.txt
2013-10-17 19:25 - 2013-10-17 19:25 - 00000000 ____D C:\FRST
2013-10-17 19:23 - 2013-10-17 19:23 - 01954124 _____ (Farbar) C:\Users\Cedric\Downloads\FRST64.exe
2013-10-17 03:22 - 2011-08-13 16:24 - 00002374 _____ C:\Users\Cedric\Desktop\Google Chrome.lnk
2013-10-16 19:10 - 2013-10-16 19:10 - 00000000 ____D C:\Users\Cedric\ChromeExtensions
2013-10-16 19:10 - 2013-10-16 19:10 - 00000000 ____D C:\Users\Cedric\AppData\Local\Tempfccdedb359dfb0cc5879b144d34777b1
2013-10-16 19:10 - 2013-10-16 19:10 - 00000000 ____D C:\Users\Cedric\AppData\Local\Temp52b5c731f15377fa711d13d681f1547e
2013-10-16 19:10 - 2011-08-12 18:33 - 00000000 ____D C:\Users\Cedric
2013-10-15 00:05 - 2011-08-21 02:20 - 00000000 ____D C:\Users\Cedric\.gimp-2.6
2013-10-15 00:02 - 2013-10-15 00:02 - 00004684 _____ C:\Users\Cedric\.recently-used.xbel
2013-10-15 00:02 - 2011-08-21 02:20 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\gtk-2.0
2013-10-13 15:57 - 2013-07-24 14:28 - 00000000 ____D C:\Users\Cedric\AppData\Local\My Games
2013-10-13 15:57 - 2011-08-15 10:04 - 00000000 ____D C:\Users\Cedric\Documents\My Games
2013-10-13 15:53 - 2011-06-29 10:49 - 00448029 _____ C:\Windows\DirectX.log
2013-10-12 15:55 - 2013-10-12 15:55 - 00000220 _____ C:\Users\Cedric\Desktop\Sid Meier's Civilization V.url
2013-10-12 15:55 - 2011-09-18 12:07 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-11 11:00 - 2011-08-13 20:26 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\TS3Client
2013-10-11 01:54 - 2011-06-29 11:09 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-11 01:54 - 2011-06-29 11:08 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-11 01:54 - 2011-06-29 11:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-10 15:42 - 2013-10-06 17:44 - 00000000 ____D C:\ProgramData\Origin
2013-10-10 15:42 - 2011-10-30 23:38 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-10-10 09:46 - 2012-05-06 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 09:46 - 2012-05-06 22:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 09:46 - 2011-08-18 04:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-10 03:36 - 2010-11-21 08:50 - 00697284 _____ C:\Windows\system32\perfh007.dat
2013-10-10 03:36 - 2010-11-21 08:50 - 00148322 _____ C:\Windows\system32\perfc007.dat
2013-10-10 03:36 - 2009-07-14 07:13 - 01614892 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 03:31 - 2009-07-14 06:45 - 00277616 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 03:30 - 2012-05-16 06:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 03:30 - 2012-05-16 06:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 03:09 - 2011-06-29 11:09 - 01591850 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 03:06 - 2013-07-27 11:28 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 03:04 - 2011-06-29 11:42 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 20:00 - 2013-10-09 20:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-09 10:05 - 2013-10-09 10:05 - 00000000 ____D C:\Users\Cedric\AppData\Local\LogMeIn
2013-10-09 10:05 - 2013-10-09 10:05 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-08 11:31 - 2013-05-22 01:09 - 00000552 _____ C:\Users\Cedric\Desktop\SOLOQ-wichtig.txt
2013-10-08 11:15 - 2011-08-13 16:22 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4045075974-3412579544-3843023296-1001UA
2013-10-08 11:15 - 2011-08-13 16:22 - 00003704 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4045075974-3412579544-3843023296-1001Core
2013-10-08 10:57 - 2013-10-06 17:48 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Origin
2013-10-06 22:08 - 2011-08-09 16:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-06 21:52 - 2013-10-06 21:52 - 00001351 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-10-06 21:52 - 2013-10-06 21:52 - 00000000 ____D C:\Users\Cedric\AppData\Local\NVIDIA
2013-10-06 21:49 - 2011-08-09 16:00 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-06 21:48 - 2011-08-09 15:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-06 21:42 - 2013-10-06 21:36 - 00000000 ____D C:\Users\Cedric\Documents\Battlefield 4
2013-10-06 21:41 - 2013-07-22 19:26 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-06 21:37 - 2013-10-06 21:37 - 22321072 _____ (NVIDIA Corporation) C:\Users\Cedric\Downloads\GeForce_Experience_v1.6.1.0.exe
2013-10-06 21:36 - 2013-07-22 19:26 - 00215416 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-06 21:36 - 2012-04-19 16:39 - 00000000 ____D C:\Users\Cedric\AppData\Local\PunkBuster
2013-10-06 21:35 - 2013-10-06 21:35 - 00000000 ____D C:\Users\Cedric\AppData\Local\ESN
2013-10-06 21:17 - 2013-10-06 21:17 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-10-06 20:43 - 2013-10-06 20:43 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-06 17:40 - 2013-10-06 17:39 - 16952576 _____ (Electronic Arts, Inc.) C:\Users\Cedric\Downloads\OriginThinSetup.exe
2013-10-05 14:32 - 2013-05-13 21:28 - 00000334 _____ C:\Users\Cedric\Desktop\Banlist + shortcuts.txt
2013-10-04 10:55 - 2013-10-03 19:22 - 00000000 ____D C:\Users\Cedric\AppData\Local\fabi.me
2013-10-04 10:53 - 2013-10-03 18:40 - 00000000 ____D C:\Users\Cedric\Documents\AutomaticSolution Software
2013-10-03 19:15 - 2013-10-03 19:15 - 00094899 _____ C:\Users\Cedric\Downloads\SpeedAutoClicker (1).zip
2013-10-03 18:55 - 2013-10-03 18:40 - 00000000 ____D C:\Program Files (x86)\GhostMouse
2013-10-03 18:52 - 2013-10-03 18:52 - 01197968 _____ (AutomaticSolution Software ) C:\Users\Cedric\Downloads\ReMouseStandard-Setup.exe
2013-10-03 18:45 - 2013-10-03 18:45 - 00094899 _____ C:\Users\Cedric\Downloads\SpeedAutoClicker.zip
2013-10-03 18:39 - 2013-10-03 18:39 - 00910736 _____ (ghost-mouse.com ) C:\Users\Cedric\Downloads\GhostMouse321-Setup.exe
2013-10-02 17:02 - 2012-05-04 06:39 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-10-01 21:28 - 2013-10-01 21:28 - 00000000 ____D C:\Users\Cedric\AppData\Local\Blizzard Entertainment
2013-09-27 16:59 - 2011-08-13 20:25 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-09-26 19:41 - 2013-09-26 19:41 - 00000000 ____D C:\Users\Cedric\AppData\Local\{516AD885-89AA-45B5-BB00-055B0F40B655}
2013-09-23 01:28 - 2013-10-10 03:11 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 03:11 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-10 03:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-10 03:11 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 03:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 03:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 03:11 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-10 03:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-22 01:50 - 2013-09-22 01:44 - 00000807 _____ C:\Users\Cedric\Desktop\unserlolgedicht.txt
2013-09-21 16:39 - 2013-09-21 16:39 - 00000221 _____ C:\Users\Cedric\Desktop\LIMBO.url
2013-09-21 05:38 - 2013-10-10 03:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-10 03:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-10 03:11 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-10 03:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
Some content of TEMP:
====================
C:\Users\Cedric\AppData\Local\Temp\amazonicon.exe
C:\Users\Cedric\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Cedric\AppData\Local\Temp\APNStub.exe
C:\Users\Cedric\AppData\Local\Temp\AutoRun.exe
C:\Users\Cedric\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Cedric\AppData\Local\Temp\b52ca188db85c99802133282b8566384.dll
C:\Users\Cedric\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Cedric\AppData\Local\Temp\DivXWebPlayerInstaller.exe
C:\Users\Cedric\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Cedric\AppData\Local\Temp\drm_dyndata_7390006.dll
C:\Users\Cedric\AppData\Local\Temp\EAInstall.dll
C:\Users\Cedric\AppData\Local\Temp\eauninstall.exe
C:\Users\Cedric\AppData\Local\Temp\EBU5CB2.EXE
C:\Users\Cedric\AppData\Local\Temp\EBU7580.DLL
C:\Users\Cedric\AppData\Local\Temp\GLF6BAC.tmp.ConduitEngineSetup.exe
C:\Users\Cedric\AppData\Local\Temp\GURC836.exe
C:\Users\Cedric\AppData\Local\Temp\IncrediMail_MediaBar_2.exe
C:\Users\Cedric\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cedric\AppData\Local\Temp\nvStInst.exe
C:\Users\Cedric\AppData\Local\Temp\Quarantine.exe
C:\Users\Cedric\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Cedric\AppData\Local\Temp\SIntf16.dll
C:\Users\Cedric\AppData\Local\Temp\SIntf32.dll
C:\Users\Cedric\AppData\Local\Temp\SIntfNT.dll
C:\Users\Cedric\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cedric\AppData\Local\Temp\sonarinst.exe
C:\Users\Cedric\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Cedric\AppData\Local\Temp\tbIncr.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-10 04:01
==================== End Of Log ============================
--- --- ---
In any case, the problem is already fixed now. Thank you very much!