FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Timo T (administrator) on TIMO on 29-12-2013 21:46:01
Running from C:\Users\Timo T\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Updater) C:\ProgramData\Updater\updater.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Jump Flip) C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1644680 2013-03-10] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761024 2013-12-13] ()
HKLM-x32\...\Runonce: [Del4089953] - cmd.exe /Q /D /c del "C:\Users\TIMOT~1\AppData\Local\Temp\0.del" [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU\...\Run: [Facebook Update] - C:\Users\Timo T\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-10] (Facebook Inc.)
HKCU\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [134648 2013-10-28] ()
HKCU\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
HKCU\...\Run: [NextLive] - C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Timo T\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKCU\...\Runonce: [Del4089953] - cmd.exe /Q /D /c del "C:\Users\TIMOT~1\AppData\Local\Temp\0.del"
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll c:\progra~2\optimi~1\optpro~1.dll [4279112 2013-10-29] ()
Startup: C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
SearchScopes: HKLM - {12086C10-E61B-4C87-8253-D990FA7080CB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
SearchScopes: HKLM-x32 - {12086C10-E61B-4C87-8253-D990FA7080CB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
SearchScopes: HKCU - {12086C10-E61B-4C87-8253-D990FA7080CB} URL =
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542&q={searchTerms}
SearchScopes: HKCU - {E45BDB2D-6143-413D-9FF7-1865745671DC} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=a4d03a85-bda5-450d-adb1-2b4d82f33cf8&apn_sauid=1250515E-8CA1-4AEB-9464-30C3704A7870
BHO: saavinugtoyyou - {3452EE4D-89B3-E1D4-FF71-706C2912BF03} - C:\ProgramData\saavinugtoyyou\OrmbLjH6I_.x64.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: dOwwnnloadittkeep - {82E8CB70-1EDF-3579-F279-ABEA2CAE660B} - C:\ProgramData\dOwwnnloadittkeep\xKeUtMS2U.x64.dll ()
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Jump Flip - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files (x86)\Jump Flip\JumpFlipBHO.dll (Jump Flip)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default
FF user.js: detected! => C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\user.js
FF NewTab: hxxp://www.nationzoom.com/newtab/?type=nt&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
FF DefaultSearchEngine: nationzoom
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: nationzoom
FF Homepage: hxxp://www.nationzoom.com/?type=hp&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Timo T\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: dOwwnnloadittkeep - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\d.u8vact@ocvzuyoytmw-.net
FF Extension: Ask Toolbar - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\toolbar@ask.com
FF Extension: saavinugtoyyou - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\vxavvpc@ptwb-rm.com
FF Extension: Foxtab Speed Dial - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF Extension: Jump Flip - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\firefox@jumpflip.net.xpi
FF Extension: BonanzaDeals - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 70e6ca8c; C:\WINDOWS\system32\rundll32.exe [52736 2013-08-22] (Microsoft Corporation)
R2 70e6ca8c; C:\WINDOWS\SysWow64\rundll32.exe [49664 2013-08-22] (Microsoft Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-06] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-06] (BonanzaDeals)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-15] (Dritek System INC.)
R2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [65312 2013-12-27] (Jump Flip)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-15] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-29 21:46 - 2013-12-29 21:46 - 00023240 _____ C:\Users\Timo T\Downloads\FRST.txt
2013-12-29 21:45 - 2013-12-29 21:45 - 00000000 ____D C:\FRST
2013-12-29 21:44 - 2013-12-29 21:44 - 01931302 _____ (Farbar) C:\Users\Timo T\Downloads\FRST64.exe
2013-12-29 21:40 - 2013-12-29 21:40 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2013-12-29 21:39 - 2013-12-29 21:39 - 00003120 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector_startup
2013-12-29 21:39 - 2013-12-29 21:39 - 00001217 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001103 _____ C:\Users\Timo T\Desktop\MyPC Backup.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001035 _____ C:\Users\Timo T\Desktop\Mobogenie.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\ProgramData\Systweak
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-12-29 21:39 - 2012-07-25 12:03 - 00016896 _____ C:\WINDOWS\system32\sasnative64.exe
2013-12-29 21:38 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Systweak
2013-12-29 21:38 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-29 21:38 - 2013-12-29 21:38 - 00003316 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector
2013-12-29 21:38 - 2013-12-29 21:38 - 00003108 _____ C:\WINDOWS\System32\Tasks\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00003012 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES
2013-12-29 21:38 - 2013-12-29 21:38 - 00002856 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT
2013-12-29 21:38 - 2013-12-29 21:38 - 00002646 _____ C:\WINDOWS\System32\Tasks\Digital Sites
2013-12-29 21:38 - 2013-12-29 21:38 - 00001130 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00001066 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00000308 _____ C:\WINDOWS\Tasks\Digital Sites.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000296 _____ C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000288 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\DigitalSites
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-12-29 21:38 - 2013-11-22 15:42 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe
2013-12-29 21:37 - 2013-12-29 21:37 - 00673568 _____ ( ) C:\Users\Timo T\Downloads\ZipOpenerSetup.exe
2013-12-29 20:31 - 2013-12-29 20:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 19:44 - 2013-12-29 19:44 - 00000000 ____D C:\ProgramData\Oracle
2013-12-29 19:44 - 2013-12-29 19:43 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-12-29 19:44 - 2013-12-29 19:43 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-29 19:44 - 2013-12-29 19:43 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-29 19:44 - 2013-12-29 19:43 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-29 19:43 - 2013-12-29 19:43 - 00000000 ____D C:\Program Files\Java
2013-12-29 19:42 - 2013-12-29 19:42 - 30694824 _____ (Oracle Corporation) C:\Users\Timo T\Downloads\jre-7u45-windows-x64.exe
2013-12-29 19:39 - 2013-12-29 19:39 - 00470032 _____ C:\Users\Timo T\Downloads\Java.exe
2013-12-29 18:16 - 2013-12-29 21:45 - 00000000 ____D C:\Users\Timo T\AppData\Local\Mobogenie
2013-12-29 18:16 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Local\genienext
2013-12-29 18:16 - 2013-12-29 20:31 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\newnext.me
2013-12-29 18:16 - 2013-12-29 20:21 - 00000138 _____ C:\Users\Timo T\daemonprocess.txt
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\Documents\Mobogenie
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\cache
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\.android
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\Updater
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-29 18:15 - 2013-12-29 20:25 - 00000000 ____D C:\ProgramData\WPM
2013-12-29 18:15 - 2013-12-29 20:24 - 00000000 ____D C:\Users\Timo T\AppData\Local\Lollipop
2013-12-29 18:14 - 2013-12-29 18:14 - 00002066 _____ C:\Users\Timo T\Desktop\Continue installation - FlashPlayer.lnk
2013-12-29 18:11 - 2013-12-29 18:11 - 00336936 _____ (Amônétízé Ltd) C:\Users\Timo T\Downloads\FlashPlayer__4003_i220968287_il14.exe
2013-12-29 10:33 - 2013-12-29 10:33 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Bonanza
2013-12-24 15:58 - 2013-12-24 16:01 - 00000000 ____D C:\ProgramData\dOwwnnloadittkeep
2013-12-24 15:58 - 2013-12-24 16:00 - 00000000 ____D C:\ProgramData\saavinugtoyyou
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\e8a480b429bfdc00
2013-12-23 21:18 - 2013-12-23 21:57 - 119282768 _____ (Black & Bloody Vengeance) C:\Users\Timo T\Downloads\[BV] Mod Collection Installer 8.10.4.exe
2013-12-21 20:07 - 2013-12-21 20:07 - 00002236 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-21 19:52 - 2013-12-21 19:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 21:03 - 2013-12-23 22:18 - 00001077 _____ C:\Users\Public\Desktop\ActiveDossierUploader.lnk
2013-12-20 21:03 - 2013-12-23 22:18 - 00001027 _____ C:\Users\Public\Desktop\Radial Menu Editor.lnk
2013-12-20 21:03 - 2013-12-23 22:18 - 00000942 _____ C:\Users\Public\Desktop\Setup WoT Stats.lnk
2013-12-20 21:03 - 2013-12-23 22:18 - 00000096 _____ C:\Users\Public\Desktop\[BV] Mod Collection Updates.url
2013-12-18 18:26 - 2013-12-18 18:26 - 00000030 _____ C:\Users\Timo T\AppData\Roaming\WB.CFG
2013-12-14 17:53 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 17:53 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 17:53 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-14 17:53 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-14 17:53 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-14 17:53 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-14 17:53 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-14 17:53 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-14 17:53 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-14 17:53 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-14 17:53 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-14 17:53 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-14 17:53 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-14 17:53 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-14 17:53 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-14 17:53 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-14 17:53 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-14 17:53 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-14 17:53 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-14 17:53 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-14 17:53 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-14 17:53 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-14 17:53 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-14 17:53 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-14 17:53 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-14 17:53 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-14 17:53 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-14 17:53 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-14 17:53 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-14 17:53 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-14 17:53 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-14 17:53 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-14 17:53 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-14 17:53 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-14 17:53 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-14 17:53 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-14 17:53 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-14 17:53 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-14 17:53 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-14 17:53 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-14 17:53 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-14 17:53 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-14 17:53 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-14 17:53 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-14 17:53 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-14 17:53 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-14 17:53 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-12 19:56 - 2013-12-12 21:13 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\TS3Client
2013-12-12 19:52 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-12 19:52 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-12 19:52 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-12 19:52 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-12 19:52 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-12 19:52 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-12 19:52 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-12 19:51 - 2013-12-12 19:51 - 00001222 _____ C:\Users\Timo T\Desktop\TeamSpeak 3 Client.lnk
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Local\TeamSpeak 3 Client
2013-12-12 19:31 - 2013-12-12 19:33 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Timo T\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-12-12 18:38 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-12 18:38 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-12 18:38 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-12 18:38 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-12 18:38 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-12 18:38 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-12 18:38 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-12 18:38 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-12 18:38 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-12 18:38 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-12 18:38 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-12 18:38 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-12 18:38 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-12 18:38 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-12 18:38 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-12 18:38 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-12 18:38 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-12 18:38 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-12 18:38 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-12 18:38 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-12 18:38 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-12 18:38 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-11-30 12:18 - 2013-12-29 21:40 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A1E9E32D-55A8-4BAF-90D6-784E9A0B66BE}
==================== One Month Modified Files and Folders =======
2013-12-29 21:46 - 2013-12-29 21:46 - 00023240 _____ C:\Users\Timo T\Downloads\FRST.txt
2013-12-29 21:46 - 2013-10-18 22:09 - 01243131 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-29 21:45 - 2013-12-29 21:45 - 00000000 ____D C:\FRST
2013-12-29 21:45 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\Mobogenie
2013-12-29 21:44 - 2013-12-29 21:44 - 01931302 _____ (Farbar) C:\Users\Timo T\Downloads\FRST64.exe
2013-12-29 21:44 - 2012-11-18 01:01 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1946761082-257476130-358862400-1002
2013-12-29 21:40 - 2013-12-29 21:40 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2013-12-29 21:40 - 2013-11-30 12:18 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A1E9E32D-55A8-4BAF-90D6-784E9A0B66BE}
2013-12-29 21:39 - 2013-12-29 21:39 - 00003120 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector_startup
2013-12-29 21:39 - 2013-12-29 21:39 - 00001217 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001103 _____ C:\Users\Timo T\Desktop\MyPC Backup.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001035 _____ C:\Users\Timo T\Desktop\Mobogenie.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\ProgramData\Systweak
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-12-29 21:39 - 2013-12-29 21:38 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Systweak
2013-12-29 21:39 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-29 21:39 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\genienext
2013-12-29 21:39 - 2012-11-18 00:51 - 00000000 ___RD C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-29 21:38 - 2013-12-29 21:38 - 00003316 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector
2013-12-29 21:38 - 2013-12-29 21:38 - 00003108 _____ C:\WINDOWS\System32\Tasks\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00003012 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES
2013-12-29 21:38 - 2013-12-29 21:38 - 00002856 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT
2013-12-29 21:38 - 2013-12-29 21:38 - 00002646 _____ C:\WINDOWS\System32\Tasks\Digital Sites
2013-12-29 21:38 - 2013-12-29 21:38 - 00001130 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00001066 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00000308 _____ C:\WINDOWS\Tasks\Digital Sites.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000296 _____ C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000288 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\DigitalSites
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-12-29 21:37 - 2013-12-29 21:37 - 00673568 _____ ( ) C:\Users\Timo T\Downloads\ZipOpenerSetup.exe
2013-12-29 21:31 - 2013-11-06 20:26 - 00000936 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-12-29 21:28 - 2013-02-03 13:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-29 21:27 - 2013-11-06 20:27 - 00000308 _____ C:\WINDOWS\Tasks\UpdaterEX.job
2013-12-29 21:26 - 2013-11-06 20:26 - 00000304 _____ C:\WINDOWS\Tasks\FoxTab.job
2013-12-29 21:05 - 2013-07-25 21:49 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-29 21:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-29 20:31 - 2013-12-29 20:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 20:31 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\newnext.me
2013-12-29 20:31 - 2013-11-06 20:26 - 00000932 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-12-29 20:31 - 2013-10-18 22:20 - 00000000 __RDO C:\Users\Timo T\SkyDrive
2013-12-29 20:30 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-29 20:30 - 2013-07-25 21:49 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-29 20:29 - 2013-09-29 20:04 - 00003230 _____ C:\WINDOWS\PFRO.log
2013-12-29 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-29 20:26 - 2013-11-06 20:26 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-12-29 20:25 - 2013-12-29 18:15 - 00000000 ____D C:\ProgramData\WPM
2013-12-29 20:24 - 2013-12-29 18:15 - 00000000 ____D C:\Users\Timo T\AppData\Local\Lollipop
2013-12-29 20:21 - 2013-12-29 18:16 - 00000138 _____ C:\Users\Timo T\daemonprocess.txt
2013-12-29 19:44 - 2013-12-29 19:44 - 00000000 ____D C:\ProgramData\Oracle
2013-12-29 19:43 - 2013-12-29 19:44 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-12-29 19:43 - 2013-12-29 19:44 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-29 19:43 - 2013-12-29 19:44 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-29 19:43 - 2013-12-29 19:44 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-29 19:43 - 2013-12-29 19:43 - 00000000 ____D C:\Program Files\Java
2013-12-29 19:42 - 2013-12-29 19:42 - 30694824 _____ (Oracle Corporation) C:\Users\Timo T\Downloads\jre-7u45-windows-x64.exe
2013-12-29 19:39 - 2013-12-29 19:39 - 00470032 _____ C:\Users\Timo T\Downloads\Java.exe
2013-12-29 19:16 - 2013-03-10 13:11 - 00000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1946761082-257476130-358862400-1002UA.job
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\Documents\Mobogenie
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\cache
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\.android
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\Updater
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-29 18:16 - 2013-10-18 21:52 - 00000000 ____D C:\Users\Timo T
2013-12-29 18:15 - 2013-10-18 22:16 - 00001678 _____ C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-29 18:15 - 2012-11-18 01:37 - 00001363 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-29 18:14 - 2013-12-29 18:14 - 00002066 _____ C:\Users\Timo T\Desktop\Continue installation - FlashPlayer.lnk
2013-12-29 18:11 - 2013-12-29 18:11 - 00336936 _____ (Amônétízé Ltd) C:\Users\Timo T\Downloads\FlashPlayer__4003_i220968287_il14.exe
2013-12-29 13:16 - 2013-03-10 13:11 - 00000920 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1946761082-257476130-358862400-1002Core.job
2013-12-29 10:33 - 2013-12-29 10:33 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Bonanza
2013-12-24 16:01 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\dOwwnnloadittkeep
2013-12-24 16:00 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\saavinugtoyyou
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\e8a480b429bfdc00
2013-12-24 11:39 - 2013-11-06 20:27 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-12-23 22:19 - 2013-11-04 18:21 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Black & Bloody Vengeance
2013-12-23 22:18 - 2013-12-20 21:03 - 00001077 _____ C:\Users\Public\Desktop\ActiveDossierUploader.lnk
2013-12-23 22:18 - 2013-12-20 21:03 - 00001027 _____ C:\Users\Public\Desktop\Radial Menu Editor.lnk
2013-12-23 22:18 - 2013-12-20 21:03 - 00000942 _____ C:\Users\Public\Desktop\Setup WoT Stats.lnk
2013-12-23 22:18 - 2013-12-20 21:03 - 00000096 _____ C:\Users\Public\Desktop\[BV] Mod Collection Updates.url
2013-12-23 21:57 - 2013-12-23 21:18 - 119282768 _____ (Black & Bloody Vengeance) C:\Users\Timo T\Downloads\[BV] Mod Collection Installer 8.10.4.exe
2013-12-22 15:38 - 2013-08-17 19:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-22 15:36 - 2013-01-01 03:07 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-22 15:00 - 2012-11-18 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 20:22 - 2013-11-15 20:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-21 20:07 - 2013-12-21 20:07 - 00002236 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-21 20:07 - 2013-07-25 21:49 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-21 19:52 - 2013-12-21 19:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 20:43 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-20 20:43 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-20 20:43 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-18 18:30 - 2013-05-07 18:32 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-12-18 18:30 - 2013-03-30 20:34 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-12-18 18:30 - 2013-03-30 20:34 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-12-18 18:26 - 2013-12-18 18:26 - 00000030 _____ C:\Users\Timo T\AppData\Roaming\WB.CFG
2013-12-16 21:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-14 17:45 - 2013-08-22 15:44 - 00335992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 21:13 - 2013-12-12 19:56 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\TS3Client
2013-12-12 19:51 - 2013-12-12 19:51 - 00001222 _____ C:\Users\Timo T\Desktop\TeamSpeak 3 Client.lnk
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Local\TeamSpeak 3 Client
2013-12-12 19:33 - 2013-12-12 19:31 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Timo T\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-12-12 19:00 - 2013-07-25 21:49 - 00004092 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-12 19:00 - 2013-07-25 21:49 - 00003856 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-10 20:28 - 2013-02-03 13:41 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 19:42 - 2013-01-19 11:27 - 00003812 _____ C:\WINDOWS\System32\Tasks\Scheduled Update for Ask Toolbar
2013-12-03 19:42 - 2013-01-19 11:27 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-12-03 19:39 - 2013-08-22 15:46 - 00333628 _____ C:\WINDOWS\setupact.log
2013-12-02 21:17 - 2013-05-09 12:45 - 00000000 ____D C:\Users\Timo T\AppData\Local\DoNotTrackPlus
Some content of TEMP:
====================
C:\Users\Timo T\AppData\Local\Temp\avgnt.exe
C:\Users\Timo T\AppData\Local\Temp\BackupSetup.exe
C:\Users\Timo T\AppData\Local\Temp\FlashPlayer__4003_i220968287_il14.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-29 20:16
==================== End Of Log ============================
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Timo T\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: dOwwnnloadittkeep - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\d.u8vact@ocvzuyoytmw-.net
FF Extension: Ask Toolbar - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\toolbar@ask.com
FF Extension: saavinugtoyyou - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\vxavvpc@ptwb-rm.com
FF Extension: Foxtab Speed Dial - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF Extension: Jump Flip - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\firefox@jumpflip.net.xpi
FF Extension: BonanzaDeals - C:\Users\Timo T\AppData\Roaming\Mozilla\Firefox\Profiles\b5tnil6r.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1388337346&from=amt&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C32N0542N0542
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 70e6ca8c; C:\WINDOWS\system32\rundll32.exe [52736 2013-08-22] (Microsoft Corporation)
R2 70e6ca8c; C:\WINDOWS\SysWow64\rundll32.exe [49664 2013-08-22] (Microsoft Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-06] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-06] (BonanzaDeals)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-15] (Dritek System INC.)
R2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [65312 2013-12-27] (Jump Flip)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-15] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-29 21:46 - 2013-12-29 21:46 - 00023240 _____ C:\Users\Timo T\Downloads\FRST.txt
2013-12-29 21:45 - 2013-12-29 21:45 - 00000000 ____D C:\FRST
2013-12-29 21:44 - 2013-12-29 21:44 - 01931302 _____ (Farbar) C:\Users\Timo T\Downloads\FRST64.exe
2013-12-29 21:40 - 2013-12-29 21:40 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2013-12-29 21:39 - 2013-12-29 21:39 - 00003120 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector_startup
2013-12-29 21:39 - 2013-12-29 21:39 - 00001217 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001103 _____ C:\Users\Timo T\Desktop\MyPC Backup.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001035 _____ C:\Users\Timo T\Desktop\Mobogenie.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\ProgramData\Systweak
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-12-29 21:39 - 2012-07-25 12:03 - 00016896 _____ C:\WINDOWS\system32\sasnative64.exe
2013-12-29 21:38 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Systweak
2013-12-29 21:38 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-29 21:38 - 2013-12-29 21:38 - 00003316 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector
2013-12-29 21:38 - 2013-12-29 21:38 - 00003108 _____ C:\WINDOWS\System32\Tasks\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00003012 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES
2013-12-29 21:38 - 2013-12-29 21:38 - 00002856 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT
2013-12-29 21:38 - 2013-12-29 21:38 - 00002646 _____ C:\WINDOWS\System32\Tasks\Digital Sites
2013-12-29 21:38 - 2013-12-29 21:38 - 00001130 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00001066 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00000308 _____ C:\WINDOWS\Tasks\Digital Sites.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000296 _____ C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000288 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\DigitalSites
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-12-29 21:38 - 2013-11-22 15:42 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe
2013-12-29 21:37 - 2013-12-29 21:37 - 00673568 _____ ( ) C:\Users\Timo T\Downloads\ZipOpenerSetup.exe
2013-12-29 20:31 - 2013-12-29 20:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 19:44 - 2013-12-29 19:44 - 00000000 ____D C:\ProgramData\Oracle
2013-12-29 19:44 - 2013-12-29 19:43 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-12-29 19:44 - 2013-12-29 19:43 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-29 19:44 - 2013-12-29 19:43 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-29 19:44 - 2013-12-29 19:43 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-29 19:43 - 2013-12-29 19:43 - 00000000 ____D C:\Program Files\Java
2013-12-29 19:42 - 2013-12-29 19:42 - 30694824 _____ (Oracle Corporation) C:\Users\Timo T\Downloads\jre-7u45-windows-x64.exe
2013-12-29 19:39 - 2013-12-29 19:39 - 00470032 _____ C:\Users\Timo T\Downloads\Java.exe
2013-12-29 18:16 - 2013-12-29 21:45 - 00000000 ____D C:\Users\Timo T\AppData\Local\Mobogenie
2013-12-29 18:16 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Local\genienext
2013-12-29 18:16 - 2013-12-29 20:31 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\newnext.me
2013-12-29 18:16 - 2013-12-29 20:21 - 00000138 _____ C:\Users\Timo T\daemonprocess.txt
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\Documents\Mobogenie
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\cache
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\.android
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\Updater
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-29 18:15 - 2013-12-29 20:25 - 00000000 ____D C:\ProgramData\WPM
2013-12-29 18:15 - 2013-12-29 20:24 - 00000000 ____D C:\Users\Timo T\AppData\Local\Lollipop
2013-12-29 18:14 - 2013-12-29 18:14 - 00002066 _____ C:\Users\Timo T\Desktop\Continue installation - FlashPlayer.lnk
2013-12-29 18:11 - 2013-12-29 18:11 - 00336936 _____ (Amônétízé Ltd) C:\Users\Timo T\Downloads\FlashPlayer__4003_i220968287_il14.exe
2013-12-29 10:33 - 2013-12-29 10:33 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Bonanza
2013-12-24 15:58 - 2013-12-24 16:01 - 00000000 ____D C:\ProgramData\dOwwnnloadittkeep
2013-12-24 15:58 - 2013-12-24 16:00 - 00000000 ____D C:\ProgramData\saavinugtoyyou
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\e8a480b429bfdc00
2013-12-23 21:18 - 2013-12-23 21:57 - 119282768 _____ (Black & Bloody Vengeance) C:\Users\Timo T\Downloads\[BV] Mod Collection Installer 8.10.4.exe
2013-12-21 20:07 - 2013-12-21 20:07 - 00002236 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-21 19:52 - 2013-12-21 19:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 21:03 - 2013-12-23 22:18 - 00001077 _____ C:\Users\Public\Desktop\ActiveDossierUploader.lnk
2013-12-20 21:03 - 2013-12-23 22:18 - 00001027 _____ C:\Users\Public\Desktop\Radial Menu Editor.lnk
2013-12-20 21:03 - 2013-12-23 22:18 - 00000942 _____ C:\Users\Public\Desktop\Setup WoT Stats.lnk
2013-12-20 21:03 - 2013-12-23 22:18 - 00000096 _____ C:\Users\Public\Desktop\[BV] Mod Collection Updates.url
2013-12-18 18:26 - 2013-12-18 18:26 - 00000030 _____ C:\Users\Timo T\AppData\Roaming\WB.CFG
2013-12-14 17:53 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 17:53 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 17:53 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-14 17:53 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-14 17:53 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-14 17:53 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-14 17:53 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-14 17:53 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-14 17:53 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-14 17:53 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-14 17:53 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-14 17:53 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-14 17:53 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-14 17:53 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-14 17:53 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-14 17:53 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-14 17:53 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-14 17:53 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-14 17:53 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-14 17:53 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-14 17:53 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-14 17:53 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-14 17:53 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-14 17:53 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-14 17:53 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-14 17:53 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-14 17:53 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-14 17:53 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-14 17:53 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-14 17:53 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-14 17:53 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-14 17:53 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-14 17:53 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-14 17:53 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-14 17:53 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-14 17:53 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-14 17:53 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-14 17:53 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-14 17:53 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-14 17:53 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-14 17:53 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-14 17:53 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-14 17:53 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-14 17:53 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-14 17:53 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-14 17:53 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-14 17:53 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-12 19:56 - 2013-12-12 21:13 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\TS3Client
2013-12-12 19:52 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-12 19:52 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-12 19:52 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-12 19:52 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-12 19:52 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-12 19:52 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-12 19:52 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-12 19:51 - 2013-12-12 19:51 - 00001222 _____ C:\Users\Timo T\Desktop\TeamSpeak 3 Client.lnk
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Local\TeamSpeak 3 Client
2013-12-12 19:31 - 2013-12-12 19:33 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Timo T\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-12-12 18:38 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-12 18:38 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-12 18:38 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-12 18:38 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-12 18:38 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-12 18:38 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-12 18:38 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-12 18:38 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-12 18:38 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-12 18:38 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-12 18:38 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-12 18:38 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-12 18:38 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-12 18:38 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-12 18:38 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-12 18:38 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-12 18:38 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-12 18:38 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-12 18:38 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-12 18:38 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-12 18:38 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-12 18:38 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-11-30 12:18 - 2013-12-29 21:40 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A1E9E32D-55A8-4BAF-90D6-784E9A0B66BE}
==================== One Month Modified Files and Folders =======
2013-12-29 21:46 - 2013-12-29 21:46 - 00023240 _____ C:\Users\Timo T\Downloads\FRST.txt
2013-12-29 21:46 - 2013-10-18 22:09 - 01243131 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-29 21:45 - 2013-12-29 21:45 - 00000000 ____D C:\FRST
2013-12-29 21:45 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\Mobogenie
2013-12-29 21:44 - 2013-12-29 21:44 - 01931302 _____ (Farbar) C:\Users\Timo T\Downloads\FRST64.exe
2013-12-29 21:44 - 2012-11-18 01:01 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1946761082-257476130-358862400-1002
2013-12-29 21:40 - 2013-12-29 21:40 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2013-12-29 21:40 - 2013-11-30 12:18 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A1E9E32D-55A8-4BAF-90D6-784E9A0B66BE}
2013-12-29 21:39 - 2013-12-29 21:39 - 00003120 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector_startup
2013-12-29 21:39 - 2013-12-29 21:39 - 00001217 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001103 _____ C:\Users\Timo T\Desktop\MyPC Backup.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00001035 _____ C:\Users\Timo T\Desktop\Mobogenie.lnk
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\ProgramData\Systweak
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-29 21:39 - 2013-12-29 21:39 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-12-29 21:39 - 2013-12-29 21:38 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Systweak
2013-12-29 21:39 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-29 21:39 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\genienext
2013-12-29 21:39 - 2012-11-18 00:51 - 00000000 ___RD C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-29 21:38 - 2013-12-29 21:38 - 00003316 _____ C:\WINDOWS\System32\Tasks\Advanced System Protector
2013-12-29 21:38 - 2013-12-29 21:38 - 00003108 _____ C:\WINDOWS\System32\Tasks\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00003012 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES
2013-12-29 21:38 - 2013-12-29 21:38 - 00002856 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT
2013-12-29 21:38 - 2013-12-29 21:38 - 00002646 _____ C:\WINDOWS\System32\Tasks\Digital Sites
2013-12-29 21:38 - 2013-12-29 21:38 - 00001130 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00001066 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-12-29 21:38 - 2013-12-29 21:38 - 00000308 _____ C:\WINDOWS\Tasks\Digital Sites.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000296 _____ C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000288 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\DigitalSites
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-12-29 21:38 - 2013-12-29 21:38 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-12-29 21:37 - 2013-12-29 21:37 - 00673568 _____ ( ) C:\Users\Timo T\Downloads\ZipOpenerSetup.exe
2013-12-29 21:31 - 2013-11-06 20:26 - 00000936 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-12-29 21:28 - 2013-02-03 13:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-29 21:27 - 2013-11-06 20:27 - 00000308 _____ C:\WINDOWS\Tasks\UpdaterEX.job
2013-12-29 21:26 - 2013-11-06 20:26 - 00000304 _____ C:\WINDOWS\Tasks\FoxTab.job
2013-12-29 21:05 - 2013-07-25 21:49 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-29 21:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-29 20:31 - 2013-12-29 20:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 20:31 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\newnext.me
2013-12-29 20:31 - 2013-11-06 20:26 - 00000932 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-12-29 20:31 - 2013-10-18 22:20 - 00000000 __RDO C:\Users\Timo T\SkyDrive
2013-12-29 20:30 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-29 20:30 - 2013-07-25 21:49 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-29 20:29 - 2013-09-29 20:04 - 00003230 _____ C:\WINDOWS\PFRO.log
2013-12-29 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-29 20:26 - 2013-11-06 20:26 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-12-29 20:25 - 2013-12-29 18:15 - 00000000 ____D C:\ProgramData\WPM
2013-12-29 20:24 - 2013-12-29 18:15 - 00000000 ____D C:\Users\Timo T\AppData\Local\Lollipop
2013-12-29 20:21 - 2013-12-29 18:16 - 00000138 _____ C:\Users\Timo T\daemonprocess.txt
2013-12-29 19:44 - 2013-12-29 19:44 - 00000000 ____D C:\ProgramData\Oracle
2013-12-29 19:43 - 2013-12-29 19:44 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-12-29 19:43 - 2013-12-29 19:44 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-29 19:43 - 2013-12-29 19:44 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-29 19:43 - 2013-12-29 19:44 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-29 19:43 - 2013-12-29 19:43 - 00000000 ____D C:\Program Files\Java
2013-12-29 19:42 - 2013-12-29 19:42 - 30694824 _____ (Oracle Corporation) C:\Users\Timo T\Downloads\jre-7u45-windows-x64.exe
2013-12-29 19:39 - 2013-12-29 19:39 - 00470032 _____ C:\Users\Timo T\Downloads\Java.exe
2013-12-29 19:16 - 2013-03-10 13:11 - 00000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1946761082-257476130-358862400-1002UA.job
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\Documents\Mobogenie
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\AppData\Local\cache
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\Users\Timo T\.android
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\Updater
2013-12-29 18:16 - 2013-12-29 18:16 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-29 18:16 - 2013-10-18 21:52 - 00000000 ____D C:\Users\Timo T
2013-12-29 18:15 - 2013-10-18 22:16 - 00001678 _____ C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-29 18:15 - 2012-11-18 01:37 - 00001363 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-29 18:14 - 2013-12-29 18:14 - 00002066 _____ C:\Users\Timo T\Desktop\Continue installation - FlashPlayer.lnk
2013-12-29 18:11 - 2013-12-29 18:11 - 00336936 _____ (Amônétízé Ltd) C:\Users\Timo T\Downloads\FlashPlayer__4003_i220968287_il14.exe
2013-12-29 13:16 - 2013-03-10 13:11 - 00000920 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1946761082-257476130-358862400-1002Core.job
2013-12-29 10:33 - 2013-12-29 10:33 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Bonanza
2013-12-24 16:01 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\dOwwnnloadittkeep
2013-12-24 16:00 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\saavinugtoyyou
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D C:\ProgramData\e8a480b429bfdc00
2013-12-24 11:39 - 2013-11-06 20:27 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-12-23 22:19 - 2013-11-04 18:21 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Black & Bloody Vengeance
2013-12-23 22:18 - 2013-12-20 21:03 - 00001077 _____ C:\Users\Public\Desktop\ActiveDossierUploader.lnk
2013-12-23 22:18 - 2013-12-20 21:03 - 00001027 _____ C:\Users\Public\Desktop\Radial Menu Editor.lnk
2013-12-23 22:18 - 2013-12-20 21:03 - 00000942 _____ C:\Users\Public\Desktop\Setup WoT Stats.lnk
2013-12-23 22:18 - 2013-12-20 21:03 - 00000096 _____ C:\Users\Public\Desktop\[BV] Mod Collection Updates.url
2013-12-23 21:57 - 2013-12-23 21:18 - 119282768 _____ (Black & Bloody Vengeance) C:\Users\Timo T\Downloads\[BV] Mod Collection Installer 8.10.4.exe
2013-12-22 15:38 - 2013-08-17 19:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-22 15:36 - 2013-01-01 03:07 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-22 15:00 - 2012-11-18 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 20:22 - 2013-11-15 20:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-21 20:07 - 2013-12-21 20:07 - 00002236 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-21 20:07 - 2013-07-25 21:49 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-21 19:52 - 2013-12-21 19:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 20:43 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-20 20:43 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-20 20:43 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-18 18:30 - 2013-05-07 18:32 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-12-18 18:30 - 2013-03-30 20:34 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-12-18 18:30 - 2013-03-30 20:34 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-12-18 18:26 - 2013-12-18 18:26 - 00000030 _____ C:\Users\Timo T\AppData\Roaming\WB.CFG
2013-12-16 21:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-14 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-14 17:45 - 2013-08-22 15:44 - 00335992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 21:13 - 2013-12-12 19:56 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\TS3Client
2013-12-12 19:51 - 2013-12-12 19:51 - 00001222 _____ C:\Users\Timo T\Desktop\TeamSpeak 3 Client.lnk
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-12 19:51 - 2013-12-12 19:51 - 00000000 ____D C:\Users\Timo T\AppData\Local\TeamSpeak 3 Client
2013-12-12 19:33 - 2013-12-12 19:31 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Timo T\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-12-12 19:00 - 2013-07-25 21:49 - 00004092 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-12 19:00 - 2013-07-25 21:49 - 00003856 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-10 20:28 - 2013-02-03 13:41 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 19:42 - 2013-01-19 11:27 - 00003812 _____ C:\WINDOWS\System32\Tasks\Scheduled Update for Ask Toolbar
2013-12-03 19:42 - 2013-01-19 11:27 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-12-03 19:39 - 2013-08-22 15:46 - 00333628 _____ C:\WINDOWS\setupact.log
2013-12-02 21:17 - 2013-05-09 12:45 - 00000000 ____D C:\Users\Timo T\AppData\Local\DoNotTrackPlus
Some content of TEMP:
====================
C:\Users\Timo T\AppData\Local\Temp\avgnt.exe
C:\Users\Timo T\AppData\Local\Temp\BackupSetup.exe
C:\Users\Timo T\AppData\Local\Temp\FlashPlayer__4003_i220968287_il14.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-29 20:16
==================== End Of Log ============================
Is everything correct? I have not tried anything myself yet or run any virus scans.