Trash bin: Logfiles - First / Addition (Windows 7). Posts that violated our rules, posts the world does not need, or other junk end up here in the trash bin...
10.10.2013, 20:54 | #1 |
| Logfiles - First / Addition ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.4 (10.06.2013:1) OS: Windows 7 Home Premium x64 Ran by ast on 10.10.2013 at 21:36:48,28 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [Service] backupstack Successfully deleted: [Service] backupstack Failed to stop: [Service] update whilokii ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] 
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\systweakasp_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\systweakasp_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\openit open it! Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BC70585-04B1-4BF3-BD1B-E829876E5EDA} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3BC70585-04B1-4BF3-BD1B-E829876E5EDA} ~~~ Files Successfully deleted: [File] C:\Windows\Tasks\digitalsite.job Successfully deleted: [File] "C:\Users\Public\Desktop\open it!.lnk" Successfully disinfected: [Shortcut] C:\Users\ast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Successfully disinfected: [Shortcut] 
C:\Users\ast\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer (64-bit).lnk Successfully disinfected: [Shortcut] C:\Users\ast\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk Successfully disinfected: [Shortcut] C:\Users\ast\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Successfully disinfected: [Shortcut] C:\Users\Public\Desktop\Mozilla Firefox.lnk Successfully repaired: [Shortcut] C:\Users\ast\desktop\Google Chrome.lnk Successfully repaired: [Shortcut] C:\Users\ast\desktop\Internet Explorer.lnk ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\ProgramData\systweak" Successfully deleted: [Folder] "C:\Users\ast\AppData\Roaming\digitalsite" Successfully deleted: [Folder] "C:\Users\ast\AppData\Roaming\systweak" Successfully deleted: [Folder] "C:\Users\ast\appdata\local\cre" Successfully deleted: [Folder] "C:\Users\ast\appdata\locallow\datamngr" Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup" Successfully deleted: [Folder] "C:\Program Files (x86)\openit" Failed to delete: [Folder] "C:\Program Files (x86)\whilokii" Successfully deleted: [Folder] "C:\Program Files (x86)\zula games" Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\advanced system protector" Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!" 
Successfully deleted: [Folder] "C:\Users\ast\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup" Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{0E13E553-B5CA-4325-A48D-CC5E028C647A} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{3EF53EAC-E36D-47B4-B90D-CB7AD2DDD803} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{5AAA8B6B-728F-44A1-8C73-BD4E417FB9B7} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{88AADB4E-628B-4D25-AE47-B8BACC14F2B0} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{90577A27-CA8D-4749-989E-38C381A88BEA} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{94585348-AC8A-4E97-B9CD-F36FE663D3B3} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{CECE3C97-1DCC-453D-B10C-C15D14EC2B5F} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{DC5D295F-CEB7-4FBF-BF08-27674694FFAE} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{E0135D18-AEB8-4ECD-A5B3-FA56C61C1B60} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{E737E6BD-B760-4DDB-8034-CD6ED04EB35E} Successfully deleted: [Empty Folder] C:\Users\ast\appdata\local\{F5CFB573-2BD8-4824-B191-07057F280692} ~~~ FireFox Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" Successfully deleted: [File] C:\Users\ast\AppData\Roaming\mozilla\firefox\profiles\6eypn46a.default\user.js Successfully deleted: [Folder] C:\Users\ast\AppData\Roaming\mozilla\firefox\profiles\6eypn46a.default\extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com Successfully deleted: [Folder] C:\Users\ast\AppData\Roaming\mozilla\firefox\profiles\6eypn46a.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca} Successfully deleted the following from 
C:\Users\ast\AppData\Roaming\mozilla\firefox\profiles\6eypn46a.default\prefs.js user_pref("browser.search.defaultenginename", "qvo6"); user_pref("browser.search.selectedEngine", "qvo6"); user_pref("iminent.LayoutId", "1"); user_pref("iminent.ShowThankyouPixel", "0"); user_pref("iminent.displayFavLinks", "0"); user_pref("iminent.registerToolbarEvent102", "1381348345427"); user_pref("iminent.registerToolbarEvent109", "1380013889603"); user_pref("iminent.registerToolbarEvent111", "1380013889607"); user_pref("iminent.registerToolbarEvent112", "1380013893316"); user_pref("iminent.registerToolbarEvent122", "1380013889612"); user_pref("iminent.registerToolbarEvent140", "1381348570935"); user_pref("iminent.version", "7.41.2.1"); user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.33.3.1\",\"InstallEventCTime\":1376561632719,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1381399156630}"); user_pref("iminent.webbooster.scripts.minibar.FavLinkSplitTestingClass", "v2"); user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1"); user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01"); user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000"); user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000"); user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02"); user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0"); user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1376220538823"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1373877040510"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1373877040515"); 
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1373885312425"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1373877040519"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1374825903338"); user_pref("iminent.webbooster.scripts.sslminibar.FavLinkSplitTestingClass", "v1"); user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1"); user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01"); user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000"); user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000"); user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11"); user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02"); user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0"); user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "1"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1376220886210"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1376379607165"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1373875392677"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1376379607168"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1376379630818"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1376379607172"); Emptied folder: C:\Users\ast\AppData\Roaming\mozilla\firefox\profiles\6eypn46a.default\minidumps [738 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 10.10.2013 at 21:42:45,36 End of JRT log Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013 Ran by ast 
(administrator) on HP-NOTEBOOK on 10-10-2013 21:46:06 Running from C:\Users\ast\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (CyberLink) C:\Program Files (x86)\HomeCinema\Power2Go\CLMLSvc.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Thisisu) C:\Users\ast\Downloads\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Whilokii) C:\Program Files (x86)\Whilokii\updateWhilokii.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE 
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-08] (IDT, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKCU\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [958352 2011-07-26] (Samsung) HKCU\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3507088 2011-07-26] (Samsung Electronics Co., Ltd.) HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-07-26] () HKCU\...\Policies\system: [DisableLockWorkstation] 0 HKCU\...\Policies\system: [DisableChangePassword] 0 HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS) HKLM-x32\...\Run: [NWEReboot] - [x] HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\HomeCinema\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink) HKLM-x32\...\Run: [GrooveMonitor] - 
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) AppInit_DLLs: [0 ] () Startup: C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BPVT-60HXZT3_WD-WXD1E71HAZX2HAZX2&ts=1381407784 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BPVT-60HXZT3_WD-WXD1E71HAZX2HAZX2&ts=1381407784 URLSearchHook: (No Name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD5000BPVT-60HXZT3_WD-WXD1E71HAZX2HAZX2&ts=1381407784 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BPVT-60HXZT3_WD-WXD1E71HAZX2HAZX2&ts=1381407784&type=default&q={searchTerms} SearchScopes: HKLM - 
{33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BPVT-60HXZT3_WD-WXD1E71HAZX2HAZX2&ts=1381407784&type=default&q={searchTerms} SearchScopes: HKLM - {3BC70585-04B1-4BF3-BD1B-E829876E5EDA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals) Toolbar: HKLM - No Name - !{3bbd3c14-4c16-4989-8366-95bc9179779d} - No File Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
Toolbar: HKLM-x32 - No Name - !{3bbd3c14-4c16-4989-8366-95bc9179779d} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2011-07-15] (EasyBits Software Corp.) 
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Tcpip\..\Interfaces\{1ECC3226-0A37-4BA8-BE6D-A31C31DA44E7}: [NameServer]193.189.250.101 193.189.250.100 FireFox: ======== FF ProfilePath: C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=0E6760D819016974&affID=125035&tl=gkn542094&tsp=5031 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin-x32: 
@tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\searchplugins\nch-de-customized-web-search.xml FF SearchPlugin: C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\searchplugins\searchgol.xml FF SearchPlugin: C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: SearchGol - C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\Extensions\ffxtlbr@searchgol.com FF Extension: FoxLingo - C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} FF Extension: FoxyDeal - 
C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} FF Extension: firefox - C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\Extensions\firefox@whilokii.net.xpi FF Extension: toolbar - C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\Extensions\toolbar@web.de.xpi FF Extension: zulagames - C:\Users\ast\AppData\Roaming\Mozilla\Firefox\Profiles\6eypn46a.default\Extensions\zulagames@ZulaGames.com.xpi FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD5000BPVT-60HXZT3_WD-WXD1E71HAZX2HAZX2&ts=1381407784 Chrome: ======= CHR HomePage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=0E6760D819016974&affID=125035&tl=gkn542094&tsp=5031 CHR RestoreOnStartup: "hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=0E6760D819016974&affID=125035&tl=gkn542094&tsp=5031" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll () CHR Plugin: (Simple Pass 2011) - C:\Users\ast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhihajbmafmgilcciomnamcjfkdhikl\1.0_0\npwebsitelogon.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\ast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\ast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Plus-HD-2.4) - C:\Users\ast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.24.48_0 CHR Extension: (BonanzaDeals) - C:\Users\ast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\ast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR Extension: (Gmail) - C:\Users\ast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [hdhihajbmafmgilcciomnamcjfkdhikl] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD5000BPVT-60HXZT3_WD-WXD1E71HAZX2HAZX2&ts=1381407784 ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG) S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-10] (BonanzaDeals) S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-10] (BonanzaDeals) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] () R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii) S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [x] ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-21] (Avira Operations GmbH & Co. 
KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 STTub30; C:\Windows\System32\Drivers\STTub30.sys [44768 2009-04-14] (STM) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-10 21:46 - 2013-10-10 21:46 - 00000000 ____D C:\FRST 2013-10-10 21:44 - 2013-10-10 21:45 - 01954124 _____ (Farbar) C:\Users\ast\Downloads\FRST64.exe 2013-10-10 21:42 - 2013-10-10 21:42 - 00011448 _____ C:\Users\ast\Desktop\JRT.txt 2013-10-10 21:36 - 2013-10-10 21:36 - 01032220 _____ (Thisisu) C:\Users\ast\Downloads\JRT.exe 2013-10-10 21:36 - 2013-10-10 21:36 - 00000000 ____D C:\Windows\ERUNT 2013-10-10 14:30 - 2013-10-10 14:30 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-10-10 14:30 - 2013-10-10 14:30 - 00000000 ____D C:\Users\ast\AppData\Roaming\Malwarebytes 2013-10-10 14:30 - 2013-10-10 14:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-10 14:30 - 2013-10-10 14:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-10 14:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-10 14:29 - 2013-10-10 14:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ast\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-10 14:27 - 2013-10-10 14:27 - 00001134 _____ C:\Users\ast\Desktop\Continue Zip Extractor Installation.lnk 2013-10-10 14:24 - 2013-10-10 14:24 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup 2013-10-10 14:23 - 2013-10-10 21:38 - 00000000 ____D C:\Program Files (x86)\Whilokii 2013-10-10 14:23 - 2013-10-10 21:29 - 00000916 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job 2013-10-10 14:23 - 2013-10-10 21:29 - 00000280 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job 2013-10-10 14:23 - 2013-10-10 
21:28 - 00000920 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job 2013-10-10 14:23 - 2013-10-10 21:27 - 00000000 ____D C:\Program Files (x86)\searchgol 2013-10-10 14:23 - 2013-10-10 21:05 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro 2013-10-10 14:23 - 2013-10-10 21:05 - 00001426 _____ C:\Users\ast\Desktop\Registry kostenlos entrümpeln!.lnk 2013-10-10 14:23 - 2013-10-10 14:23 - 00003916 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA 2013-10-10 14:23 - 2013-10-10 14:23 - 00003664 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore 2013-10-10 14:23 - 2013-10-10 14:23 - 00003386 _____ C:\Windows\System32\Tasks\EPUpdater 2013-10-10 14:23 - 2013-10-10 14:23 - 00003382 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate 2013-10-10 14:23 - 2013-10-10 14:23 - 00003318 _____ C:\Windows\System32\Tasks\Advanced System Protector 2013-10-10 14:23 - 2013-10-10 14:23 - 00003024 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES 2013-10-10 14:23 - 2013-10-10 14:23 - 00001161 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk 2013-10-10 14:23 - 2013-10-10 14:23 - 00001047 _____ C:\Users\ast\Desktop\MyPC Backup.lnk 2013-10-10 14:23 - 2013-10-10 14:23 - 00001010 _____ C:\Users\Public\Desktop\RegClean Pro.lnk 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\Users\ast\AppData\Roaming\searchgol 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\Users\ast\AppData\Local\BonanzaDealsLive 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\ProgramData\BonanzaDealsLive 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive 2013-10-10 14:23 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe 2013-10-10 14:23 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe 2013-10-10 14:22 - 2013-10-10 14:22 - 00000000 ____D C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals 
2013-10-10 14:22 - 2013-10-10 14:22 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals 2013-10-10 13:23 - 2013-10-10 13:23 - 00000000 ____D C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF-to-Word 2013-10-10 13:22 - 2013-10-10 13:22 - 00832598 _____ C:\Users\ast\Downloads\pdf2wordd(1).exe 2013-10-10 13:13 - 2013-10-10 13:13 - 00003132 _____ C:\Windows\System32\Tasks\{2F11BC40-9FE3-453B-A727-2904F9330E46} 2013-10-10 12:34 - 2013-10-10 12:34 - 100267706 _____ C:\Windows\SysWOW64\績殺 2013-10-10 12:10 - 2013-10-10 12:10 - 00008018 _____ C:\Users\ast\Desktop\attach.txt 2013-10-10 12:10 - 2013-10-10 12:09 - 00015258 _____ C:\Users\ast\Desktop\dds.txt 2013-10-10 12:07 - 2013-10-10 12:07 - 00700783 ____R (Swearware) C:\Users\ast\Downloads\dds+.exe 2013-10-10 11:57 - 2013-10-10 12:01 - 00000000 ____D C:\AdwCleaner 2013-10-10 11:55 - 2013-10-10 11:55 - 01048960 _____ C:\Users\ast\Downloads\adwcleaner.exe 2013-10-03 10:35 - 2013-10-03 10:35 - 98878632 _____ C:\Windows\SysWOW64\�崅D 2013-10-02 14:15 - 2013-10-04 16:16 - 00000000 ____D C:\AA-GoogleKamp 2013-10-01 11:01 - 2013-10-01 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-25 08:55 - 2013-09-25 08:55 - 97673008 _____ C:\Windows\SysWOW64\璉ꚾ* 2013-09-23 15:15 - 2013-09-23 15:30 - 01530894 _____ C:\Users\ast\Downloads\gps.apk 2013-09-23 09:08 - 2013-10-04 12:33 - 00000000 ____D C:\BremenWahl2013 2013-09-18 18:53 - 2013-10-04 11:04 - 00000000 ____D C:\AA-SAP 2013-09-11 11:21 - 2013-10-09 13:38 - 00000000 ____D C:\AA-Motion-Sensor ==================== One Month Modified Files and Folders ======= 2013-10-10 21:46 - 2013-10-10 21:46 - 00000000 ____D C:\FRST 2013-10-10 21:45 - 2013-10-10 21:44 - 01954124 _____ (Farbar) C:\Users\ast\Downloads\FRST64.exe 2013-10-10 21:42 - 2013-10-10 21:42 - 00011448 _____ C:\Users\ast\Desktop\JRT.txt 2013-10-10 21:42 - 2012-11-01 13:54 - 00001409 _____ C:\Users\ast\Desktop\Internet Explorer.lnk 2013-10-10 21:42 - 2012-11-01 12:45 - 00002215 _____ 
C:\Users\ast\Desktop\Google Chrome.lnk 2013-10-10 21:42 - 2012-09-18 20:16 - 00001090 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-10 21:42 - 2012-01-06 19:22 - 00001439 _____ C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-10 21:42 - 2012-01-06 19:22 - 00001405 _____ C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2013-10-10 21:38 - 2013-10-10 14:23 - 00000000 ____D C:\Program Files (x86)\Whilokii 2013-10-10 21:38 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-10 21:38 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-10 21:36 - 2013-10-10 21:36 - 01032220 _____ (Thisisu) C:\Users\ast\Downloads\JRT.exe 2013-10-10 21:36 - 2013-10-10 21:36 - 00000000 ____D C:\Windows\ERUNT 2013-10-10 21:34 - 2012-04-06 11:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-10 21:29 - 2013-10-10 14:23 - 00000916 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job 2013-10-10 21:29 - 2013-10-10 14:23 - 00000280 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job 2013-10-10 21:29 - 2012-12-09 19:20 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-10-10 21:29 - 2012-10-16 15:39 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-10 21:29 - 2010-11-21 05:47 - 01018078 _____ C:\Windows\PFRO.log 2013-10-10 21:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-10 21:29 - 2009-07-14 06:51 - 00097129 _____ C:\Windows\setupact.log 2013-10-10 21:28 - 2013-10-10 14:23 - 00000920 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job 2013-10-10 21:28 - 2011-09-23 01:41 - 01738448 _____ C:\Windows\WindowsUpdate.log 2013-10-10 21:27 - 2013-10-10 14:23 - 00000000 ____D C:\Program Files (x86)\searchgol 2013-10-10 21:14 - 
2012-10-16 15:39 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-10 21:05 - 2013-10-10 14:23 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro 2013-10-10 21:05 - 2013-10-10 14:23 - 00001426 _____ C:\Users\ast\Desktop\Registry kostenlos entrümpeln!.lnk 2013-10-10 21:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2013-10-10 14:30 - 2013-10-10 14:30 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-10-10 14:30 - 2013-10-10 14:30 - 00000000 ____D C:\Users\ast\AppData\Roaming\Malwarebytes 2013-10-10 14:30 - 2013-10-10 14:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-10 14:30 - 2013-10-10 14:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-10 14:29 - 2013-10-10 14:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ast\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-10 14:27 - 2013-10-10 14:27 - 00001134 _____ C:\Users\ast\Desktop\Continue Zip Extractor Installation.lnk 2013-10-10 14:24 - 2013-10-10 14:24 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup 2013-10-10 14:23 - 2013-10-10 14:23 - 00003916 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA 2013-10-10 14:23 - 2013-10-10 14:23 - 00003664 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore 2013-10-10 14:23 - 2013-10-10 14:23 - 00003386 _____ C:\Windows\System32\Tasks\EPUpdater 2013-10-10 14:23 - 2013-10-10 14:23 - 00003382 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate 2013-10-10 14:23 - 2013-10-10 14:23 - 00003318 _____ C:\Windows\System32\Tasks\Advanced System Protector 2013-10-10 14:23 - 2013-10-10 14:23 - 00003024 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES 2013-10-10 14:23 - 2013-10-10 14:23 - 00001161 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk 2013-10-10 14:23 - 2013-10-10 14:23 - 00001047 _____ C:\Users\ast\Desktop\MyPC Backup.lnk 2013-10-10 14:23 - 2013-10-10 14:23 - 00001010 _____ 
C:\Users\Public\Desktop\RegClean Pro.lnk 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\Users\ast\AppData\Roaming\searchgol 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\Users\ast\AppData\Local\BonanzaDealsLive 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\ProgramData\BonanzaDealsLive 2013-10-10 14:23 - 2013-10-10 14:23 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive 2013-10-10 14:23 - 2012-01-06 19:22 - 00000000 ___RD C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-10 14:22 - 2013-10-10 14:22 - 00000000 ____D C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals 2013-10-10 14:22 - 2013-10-10 14:22 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals 2013-10-10 14:18 - 2012-11-26 11:09 - 00000000 ____D C:\A-Marketing 2013-10-10 13:23 - 2013-10-10 13:23 - 00000000 ____D C:\Users\ast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF-to-Word 2013-10-10 13:22 - 2013-10-10 13:22 - 00832598 _____ C:\Users\ast\Downloads\pdf2wordd(1).exe 2013-10-10 13:13 - 2013-10-10 13:13 - 00003132 _____ C:\Windows\System32\Tasks\{2F11BC40-9FE3-453B-A727-2904F9330E46} 2013-10-10 12:34 - 2013-10-10 12:34 - 100267706 _____ C:\Windows\SysWOW64\績殺 2013-10-10 12:10 - 2013-10-10 12:10 - 00008018 _____ C:\Users\ast\Desktop\attach.txt 2013-10-10 12:09 - 2013-10-10 12:10 - 00015258 _____ C:\Users\ast\Desktop\dds.txt 2013-10-10 12:07 - 2013-10-10 12:07 - 00700783 ____R (Swearware) C:\Users\ast\Downloads\dds+.exe 2013-10-10 12:01 - 2013-10-10 11:57 - 00000000 ____D C:\AdwCleaner 2013-10-10 11:55 - 2013-10-10 11:55 - 01048960 _____ C:\Users\ast\Downloads\adwcleaner.exe 2013-10-10 09:34 - 2012-04-06 11:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-10 09:34 - 2012-04-06 11:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-10-10 09:34 - 2011-07-15 20:33 - 00071048 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-09 21:01 - 2012-01-06 19:18 - 00000000 ____D C:\Users\ast 2013-10-09 21:00 - 2012-02-14 12:43 - 00000000 ____D C:\Windows\system32\Macromed 2013-10-09 21:00 - 2012-02-07 23:24 - 00000000 ____D C:\Users\ast\Documents\Youcam 2013-10-09 21:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2013-10-09 20:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-10-09 17:29 - 2013-03-15 10:16 - 00000000 ____D C:\A-Umsatz 2013-10-09 13:38 - 2013-09-11 11:21 - 00000000 ____D C:\AA-Motion-Sensor 2013-10-04 16:16 - 2013-10-02 14:15 - 00000000 ____D C:\AA-GoogleKamp 2013-10-04 12:33 - 2013-09-23 09:08 - 00000000 ____D C:\BremenWahl2013 2013-10-04 12:28 - 2012-02-06 12:06 - 00000000 ____D C:\Users\ast\AppData\Local\CrashDumps 2013-10-04 11:04 - 2013-09-18 18:53 - 00000000 ____D C:\AA-SAP 2013-10-03 10:35 - 2013-10-03 10:35 - 98878632 _____ C:\Windows\SysWOW64\�崅D 2013-10-02 13:36 - 2013-04-21 17:11 - 00000000 ____D C:\A-ADREmail 2013-10-01 18:45 - 2012-09-18 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-01 12:11 - 2012-09-18 20:16 - 00000000 ____D C:\Users\ast\AppData\Local\Mozilla 2013-10-01 11:01 - 2013-10-01 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-30 09:47 - 2012-11-06 18:24 - 00000000 ____D C:\A-MANUALS 2013-09-26 17:21 - 2011-07-16 06:07 - 00654166 _____ C:\Windows\system32\perfh007.dat 2013-09-26 17:21 - 2011-07-16 06:07 - 00130006 _____ C:\Windows\system32\perfc007.dat 2013-09-26 17:21 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-25 20:36 - 2013-07-05 12:14 - 00000000 ____D C:\AA-Mitbewerb 2013-09-25 08:55 - 2013-09-25 08:55 - 97673008 _____ C:\Windows\SysWOW64\璉ꚾ* 2013-09-23 15:30 - 2013-09-23 15:15 - 01530894 _____ C:\Users\ast\Downloads\gps.apk 2013-09-20 16:53 - 2013-06-30 09:31 - 00000000 ____D C:\AA-eCall 2013-09-20 09:58 - 2012-11-17 10:20 - 00003174 _____ 
C:\Windows\System32\Tasks\HPCeeScheduleForast 2013-09-20 09:58 - 2012-11-17 10:20 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForast.job 2013-09-17 10:42 - 2013-03-10 19:32 - 00000000 ____D C:\AA-Jan-Luetzen 2013-09-14 12:07 - 2012-11-23 11:23 - 00000000 ____D C:\China-Japan-Holzs 2013-09-10 10:32 - 2013-04-28 16:57 - 00000000 ____D C:\AA-Website+Statistik Some content of TEMP: ==================== C:\Users\ast\AppData\Local\Temp\AskSLib.dll C:\Users\ast\AppData\Local\Temp\avgnt.exe C:\Users\ast\AppData\Local\Temp\BackupSetup.exe C:\Users\ast\AppData\Local\Temp\bdfilters.dll C:\Users\ast\AppData\Local\Temp\bj-uurck.dll C:\Users\ast\AppData\Local\Temp\DevSetup32.dll C:\Users\ast\AppData\Local\Temp\DevSetup64.dll C:\Users\ast\AppData\Local\Temp\DriverInstall32.exe C:\Users\ast\AppData\Local\Temp\DriverInstall64.exe C:\Users\ast\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\ast\AppData\Local\Temp\HPHelpUpdater.exe C:\Users\ast\AppData\Local\Temp\hvpekgi0.dll C:\Users\ast\AppData\Local\Temp\installhelper.dll C:\Users\ast\AppData\Local\Temp\nsc9501.tmp.exe C:\Users\ast\AppData\Local\Temp\nsj8C58.tmp.exe C:\Users\ast\AppData\Local\Temp\pdf24-creator-update.exe C:\Users\ast\AppData\Local\Temp\qspreum9.dll C:\Users\ast\AppData\Local\Temp\Quarantine.exe C:\Users\ast\AppData\Local\Temp\Resource.exe C:\Users\ast\AppData\Local\Temp\SetupDataMngr_jZip.exe C:\Users\ast\AppData\Local\Temp\sp58915.exe C:\Users\ast\AppData\Local\Temp\SRAssetsHelper.dll C:\Users\ast\AppData\Local\Temp\tbFLV_.dll C:\Users\ast\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is 
legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-01 08:29 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013 Ran by ast at 2013-10-10 21:47:32 Running from C:\Users\ast\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (x32) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Photoshop 7.0 (x32 Version: 7.0) Adobe Reader X (10.1.6) MUI (x32 Version: 10.1.6) Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ArcSoft TotalMedia 3 (x32) AuthenTec TrueAPI (Version: 1.3.0.111) AutoUpdate (x32 Version: 1.1) Avira Free Antivirus (x32 Version: 14.0.0.383) Bandicam (x32 Version: 1.8.3.272) Bandisoft MPEG-1 Decoder (x32) Bing Bar (x32 Version: 7.0.610.0) Bonanza Deals (remove only) (x32 Version: 5.0.1.0) Bonjour (Version: 3.0.0.10) CyberLink Power2Go (x32 Version: 7.0.0.1906) CyberLink PowerDirector (x32 Version: 8.0.3224a) CyberLink PowerProducer (x32 Version: 5.0.2.4230) CyberLink YouCam (x32 Version: 3.5.1.4119) D3DX10 (x32 Version: 15.4.2368.0902) DivX Codec (x32 Version: 6.8.2) DivX Player (x32 Version: 
6.7.0) Drv (x32 Version: 1.00.0000) DVD Player (x32) ESU for Microsoft Windows 7 SP1 (x32 Version: 2.1.1) Evernote v. 4.2.3 (x32 Version: 4.2.3.22) FastStone Capture 5.3 (x32 Version: 5.3) Filzip 3.06 (x32 Version: 3.0.6) Free PDF to Word Doc Converter v1.1 (x32 Version: 1.1) Google Chrome (x32 Version: 30.0.1599.69) Google Earth (x32 Version: 4.3.7204.836) Google Earth Plug-in (x32 Version: 7.1.1.1888) HP Client Services (Version: 1.1.12938.3539) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.50.231.0) HP Deskjet 2050 J510 series Hilfe (x32 Version: 140.0.61.61) HP SimplePass PE 2011 (x32 Version: 5.3.0.163) IDT Audio (x32 Version: 1.0.6341.0) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Identity Protection Technology 1.1.2.0 (x32 Version: 1.1.2.0) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144) Intel(R) Processor Graphics (x32 Version: 8.15.10.2372) Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026) iTunes (Version: 11.0.4.4) Java 7 Update 15 (64-bit) (Version: 7.0.150) Java SE Development Kit 7 Update 15 (64-bit) (Version: 1.7.0.150) Junk Mail filter update (x32 Version: 15.4.3502.0922) Magic Desktop (x32 Version: 3.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) MD86364 Driver Install x64 (x32 Version: 6.11.615.0) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Excel 2000 SR-1 (x32 Version: 9.00.3821) Microsoft Office 2007 Service Pack 2 (SP2) (x32) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Groove MUI (German) 2007 (x32 
Version: 12.0.6425.1000) Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32) Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000) Microsoft PowerPoint 2000 SR-1 (x32 Version: 9.00.3821) Microsoft Silverlight (x32 Version: 4.1.10111.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 
9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Windows Media Video 9 VCM (x32) Microsoft Word 2000 (x32 Version: 9.00.2816) Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0) Mozilla Maintenance Service (x32 Version: 24.0) Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) MyFreeCodec (HKCU) MyPC Backup (Version: ) PDF24 Creator 5.2.0 (x32) PDF-to-Word 3.1 Demo (x32) Ralink RT5390 802.11b/g/n WiFi Adapter (x32 Version: 3.02.01.0) Realtek Ethernet Controller Driver (x32 Version: 7.40.126.2011) Realtek PCIE Card Reader (x32 Version: 6.1.7600.77) Recovery Manager (x32 Version: 2.0.0) River Past Screen Recorder (Version: 7.8) Samsung Kies (x32 Version: 2.0.2.11071_128) SAMSUNG USB Driver for Mobile Phones (Version: 1.4.2.2) STMicroelectronics DfuSe v3.0.0 (x32 Version: 3.0.0) Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (Version: 22.50.231.0) Synaptics TouchPad Driver (Version: 15.3.11.0) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition (x32) VIP Access SDK (1.0.1.2) (x32 Version: 1.0.1.2) Whilokii 1.0.0 (Version: 1.0.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX Control for 
Remote Connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) ==================== Restore Points ========================= 30-05-2013 09:54:47 Geplanter Prüfpunkt 07-06-2013 11:54:23 Geplanter Prüfpunkt 15-06-2013 07:23:49 Geplanter Prüfpunkt 22-06-2013 07:56:05 Geplanter Prüfpunkt 25-06-2013 07:16:46 Installed iTunes 25-06-2013 15:22:32 Removed HP Auto. 25-06-2013 15:24:19 Removed HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät 25-06-2013 15:25:05 Removed HP Deskjet 2050 J510 series Hilfe 25-06-2013 15:25:48 Removed HP Documentation 25-06-2013 15:27:12 Removed HP Launch Box 25-06-2013 15:27:25 Removed HP Launch Box 25-06-2013 15:28:03 Removed HP Setup Manager. 25-06-2013 15:28:29 Removed HP Support Assistant. 25-06-2013 15:30:57 Removed HP Update. 25-06-2013 15:31:55 Windows Modules Installer 25-06-2013 15:32:33 Windows Modules Installer 25-06-2013 15:33:03 Removed HP Software Framework 25-06-2013 15:34:02 Removed HP Setup Manager. 
25-06-2013 15:35:12 Removed HP On Screen Display 25-06-2013 15:35:31 Removed HP Power Manager 25-06-2013 15:35:48 Removed HP Quick Launch 25-06-2013 15:36:34 Removed HP Setup. 25-06-2013 15:38:21 Removed HP SimplePass PE 2011. 25-06-2013 16:56:17 Free System Utilities 25-06-2013 17:03:24 Removed iTunes 25-06-2013 17:07:32 Free System Utilities 25.06.2013 19:07:32 02-07-2013 17:22:42 Geplanter Prüfpunkt 10-07-2013 06:46:52 Geplanter Prüfpunkt 11-07-2013 14:43:58 Wiederherstellungsvorgang 19-07-2013 06:01:46 Geplanter Prüfpunkt 27-07-2013 10:51:37 Geplanter Prüfpunkt 01-08-2013 20:38:47 PC Performer Do, Aug 01, 13 22:38 02-08-2013 05:49:08 Wiederherstellungsvorgang 09-08-2013 12:05:54 Geplanter Prüfpunkt 17-08-2013 08:16:03 Geplanter Prüfpunkt 17-08-2013 08:58:40 Wiederherstellungsvorgang 24-08-2013 20:34:12 Geplanter Prüfpunkt 02-09-2013 11:15:47 Geplanter Prüfpunkt 10-09-2013 09:19:25 Geplanter Prüfpunkt 18-09-2013 11:57:32 Geplanter Prüfpunkt 25-09-2013 12:17:43 Geplanter Prüfpunkt 03-10-2013 10:03:20 Geplanter Prüfpunkt 09-10-2013 18:53:29 Wiederherstellungsvorgang ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {005EB6BE-498E-4210-9250-4E2E7EBA5FFC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink) Task: {09DE5077-6686-4510-A9CF-0562B4CE8634} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe Task: {0E96AFDC-440F-4DF0-9BE3-CFCA5DD85374} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-10] (BonanzaDeals) Task: {2CB0EF16-F2AC-4F09-8388-FF3E61731E29} - System32\Tasks\EPUpdater => C:\Users\ast\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe Task: {43D7A20D-C820-4B2D-AF0D-33883A1A3A3A} - 
System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation) Task: {5426CA6E-9373-456F-804F-9529BDF4EAE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06] (Google Inc.) Task: {70C98D09-4C14-4DA8-830E-494B297A0BF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06] (Google Inc.) Task: {A1229F27-B0D6-4973-9937-7FACE3B836F9} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe Task: {B019315C-3E8B-40AF-8962-C202807A3044} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe Task: {B2318D2F-D168-45BC-8357-BE78378D27B1} - System32\Tasks\Start Registry Reviver => C:\Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe Task: {B2CD76BB-B0B5-4BD2-84EE-7B2A525E2779} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {B78B8B5B-0251-453D-B3D9-5B0F56DBC7EA} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-10] (BonanzaDeals) Task: {BE2E8902-48CC-4DFF-8D7E-69E444C55EFE} - System32\Tasks\BonanzaDealsUpdate => C:\Program Task: {C154BEC8-4D7D-48D5-A5A9-5B967C016CC3} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe Task: {C3E66CF6-9012-4DB1-9B01-5CA6794FFE5F} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) 
Task: {C413903B-998C-434B-B4A2-C0F82A2074F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {C8F878E3-A872-40D2-BFB1-D0283E336F6B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D67B7E70-7BD9-4899-94A8-AC0D3D06A549} - System32\Tasks\HPCeeScheduleForast => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForast.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe

==================== Loaded Modules (whitelisted) =============
2011-05-10 19:56 - 2011-05-10 19:56 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-01 19:48 - 2012-09-19 20:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-06 16:51 - 2012-02-06 16:51 - 00115137 _____ () C:\Users\ast\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
2010-08-03 16:39 - 2010-08-03 16:39 - 00619816 _____ () C:\Program Files (x86)\HomeCinema\Power2Go\CLMediaLibrary.dll
2010-08-03 16:39 - 2010-08-03 16:39 - 00013096 _____ () C:\Program Files (x86)\HomeCinema\Power2Go\CLMLSvcPS.dll
2012-02-06 13:53 - 2005-08-05 17:24 - 00028672 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\uPiApi.dll
2012-02-06 13:53 - 2004-12-14 13:00 - 00430080 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\fpxlib.dll
2012-02-06 13:53 - 2006-01-06 15:51 - 00266303 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\magengin.dll
2012-02-06 13:53 - 2004-12-01 18:21 - 00180224 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\kgl.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2012-02-17 11:15 - 2012-02-17 11:15 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92b2d2a459ddbe7b21b895e82161acac\IsdiInterop.ni.dll
2011-09-23 01:39 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-08-30 10:23 - 2013-08-30 10:23 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-30 10:23 - 2013-08-30 10:23 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-30 10:23 - 2013-08-30 10:23 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-10-01 11:01 - 2013-10-01 11:01 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-10 09:34 - 2013-10-10 09:34 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (07/11/2012 04:23:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.

==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 4043.86 MB
Available physical RAM: 2064.58 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 5740.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:445.34 GB) (Free:240.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:16.26 GB) (Free:1.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.95 GB) FAT32

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CF92579A)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=445 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================ |
11.10.2013, 05:36 | #2 |
/// the machine /// TB-Ausbilder | Logfiles - First / Addition Please don't open a new thread every time; post the logs in the other topic, where I have replied to you.