Gutealtezeit | 13.08.2014 22:07 | so bitte schon: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 13.08.2014
Suchlauf-Zeit: 21:17:53
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.13.06
Rootkit Datenbank: v2014.08.04.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7
CPU: x86
Dateisystem: NTFS
Benutzer: Privat
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 384973
Verstrichene Zeit: 10 Min, 54 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 1
PUP.Optional.ValueApps.A, HKU\S-1-5-21-176602296-3208371113-2143824810-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, In Quarantäne, [ad6d378f6c0f340234938980c1428f71],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 2
PUP.Optional.ValueApps.A, C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\valueApps, In Quarantäne, [c05aab1b3f3c8caadcb4c6f5e41e4ab6],
PUP.Optional.ValueApps.A, C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\valueApps\CT3297265, In Quarantäne, [c05aab1b3f3c8caadcb4c6f5e41e4ab6],
Dateien: 4
PUP.Optional.Multiplug, C:\ProgramData\saevee on\oLUa.exe, In Quarantäne, [59c1f1d5b5c62412201a7128d52cc13f],
PUP.Optional.Multiplug, C:\ProgramData\Searcih-NeewTAb\MY_wzza.exe, In Quarantäne, [071365616219b97d06348a0ff50cc937],
PUP.Optional.Trovi.A, C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3297265&SearchSource=2&CUI=UN57436081810220232&UM=2&q=");), Ersetzt,[52c8fbcbf2890c2adf1d2ad410f40af6]
PUP.Optional.Conduit.A, C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\prefs.js, Gut: (), Schlecht: (user_pref("CT3297265.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT3297265&octid=CT3297265&ISID=ISID_ID&SearchSource=15&CUI=UN57436081810220232&Lay=1&UM=2\"}");), Ersetzt,[0515b0169edd37ff31acac53d034ab55]
Physische Sektoren: 0
(No malicious items detected)
(end) AdwCleaner Logfile: Code:
# AdwCleaner v3.304 - Report created 13/08/2014 at 22:24:33
# Updated 08/08/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : Privat - PRIVAT-PC
# Running from : C:\Users\Privat\Downloads\adwcleaner_3.304.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\Users\Privat\Favorites\AGI
Folder Deleted : C:\ProgramData\Adblocker
Folder Deleted : C:\ProgramData\saave OaN
Folder Deleted : C:\ProgramData\saevee on
Folder Deleted : C:\ProgramData\Searcch-NewTaab
Folder Deleted : C:\ProgramData\Searcih-NeewTAb
Folder Deleted : C:\Program Files\Adblocker
Folder Deleted : C:\Program Files\saave OaN
Folder Deleted : C:\Program Files\saevee on
Folder Deleted : C:\Program Files\Searcch-NewTaab
Folder Deleted : C:\Program Files\Searcih-NeewTAb
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Krystina\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Krystina\AppData\Local\torch
Folder Deleted : C:\Users\Krystina\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Privat\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Privat\AppData\Local\torch
Folder Deleted : C:\Users\Privat\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Privat\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\Smartbar
Folder Deleted : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\ValueApps
Folder Deleted : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\CT3297265
Folder Deleted : C:\Users\Krystina\AppData\Roaming\Mozilla\Firefox\Profiles\zzv8q9v5.default\Extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Deleted : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\Extensions\{6dad39c6-f4ac-4984-8e9b-f666269b9eb1}
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LiveSupport_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\livesupport_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3297265
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3312523
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\Uniblue
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16545
-\\ Mozilla Firefox v31.0 (x86 de)
[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\f1tdolai.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.eazytosearch.info/?pid=724&r=2014/06/21&hid=17936351540188775721&lg=EN&cc=DE&l=1&q=");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.eazytosearch.info/?pid=724&r=2014/06/21&hid=17936351540188775721&lg=EN&cc=DE");
Line Deleted : user_pref("extensions.GU8QvuTGF6_.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
Line Deleted : user_pref("extensions.Gy4AWk8lbSMf.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sum[...]
Line Deleted : user_pref("extensions.aHkHvU0cSjE.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
Line Deleted : user_pref("extensions.cdCZq.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.n[...]
Line Deleted : user_pref("extensions.mIgwfxBE.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorob[...]
Line Deleted : user_pref("extensions.rdmekPSun.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumoro[...]
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.eazytosearch.info/?pid=724&r=2014/06/21&hid=17936351540188775721&lg=EN&cc=DE&l=1&q=");
[ File : C:\Users\Krystina\AppData\Roaming\Mozilla\Firefox\Profiles\zzv8q9v5.default\prefs.js ]
[ File : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default\prefs.js ]
Line Deleted : user_pref("CT3297265.FF19Solved", "true");
Line Deleted : user_pref("CT3297265.FirstTime", "true");
Line Deleted : user_pref("CT3297265.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3297265.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT3297265.RestartDialogShouldDisplay", "false");
Line Deleted : user_pref("CT3297265.UserID", "UN57436081810220232");
Line Deleted : user_pref("CT3297265.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3297265.autoDisableScopes", -1);
Line Deleted : user_pref("CT3297265.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3297265.countryCode", "DE");
Line Deleted : user_pref("CT3297265.defaultSearch", "true");
Line Deleted : user_pref("CT3297265.enableAlerts", "true");
Line Deleted : user_pref("CT3297265.enableFix404ByUser", "TRUE");
Line Deleted : user_pref("CT3297265.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3297265.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3297265.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3297265.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3297265.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3297265.fixUrls", true);
Line Deleted : user_pref("CT3297265.fullUserID", "UN57436081810220232.UP.20130917191347");
Line Deleted : user_pref("CT3297265.installDate", "12/5/2013 16:55:51");
Line Deleted : user_pref("CT3297265.installId", "stub.exe");
Line Deleted : user_pref("CT3297265.installSessionId", "{9599E7CC-9D04-4489-BB32-FC4256F0A6BC}");
Line Deleted : user_pref("CT3297265.installSp", "true");
Line Deleted : user_pref("CT3297265.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3297265.installUsage", "2013-05-12T18:47:57.0452567+03:00");
Line Deleted : user_pref("CT3297265.installUsageEarly", "2013-05-12T18:47:56.4828251+03:00");
Line Deleted : user_pref("CT3297265.installerVersion", "1.4.2.3");
Line Deleted : user_pref("CT3297265.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3297265.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3297265.keyword", true);
Line Deleted : user_pref("CT3297265.lastVersion", "10.33.0.505");
Line Deleted : user_pref("CT3297265.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3297265.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3297265.missingMachineIdSent", "true");
Line Deleted : user_pref("CT3297265.openThankYouPage", "false");
Line Deleted : user_pref("CT3297265.openUninstallPage", "true");
Line Deleted : user_pref("CT3297265.originalHomepage", "hxxp://www.google.de/");
Line Deleted : user_pref("CT3297265.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3297265.originalSearchEngine", "Ask.com");
Line Deleted : user_pref("CT3297265.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT3297265.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3297265.search.searchAppId", "130102701223206401");
Line Deleted : user_pref("CT3297265.search.searchCount", "2");
Line Deleted : user_pref("CT3297265.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3297265.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3297265.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3297265.searchRevert", "false");
Line Deleted : user_pref("CT3297265.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3297265.searchUserMode", "2");
Line Deleted : user_pref("CT3297265.serviceLayer_services_Configuration_lastUpdate", "1407960114351");
Line Deleted : user_pref("CT3297265.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1407527441852");
Line Deleted : user_pref("CT3297265.serviceLayer_services_appsMetadata_lastUpdate", "1407960113750");
Line Deleted : user_pref("CT3297265.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1407527441568");
Line Deleted : user_pref("CT3297265.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368373696609");
Line Deleted : user_pref("CT3297265.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368373697247");
Line Deleted : user_pref("CT3297265.serviceLayer_services_location_lastUpdate", "1378234817502");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.16.2.6_lastUpdate", "1378234817407");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.19.2.505_lastUpdate", "1379666522457");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.20.0.513_lastUpdate", "1380914120980");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.20.1.508_lastUpdate", "1389127912284");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.23.0.822_lastUpdate", "1397420866844");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.29.0.520_lastUpdate", "1401375991569");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.31.2.501_lastUpdate", "1407527441707");
Line Deleted : user_pref("CT3297265.serviceLayer_services_login_10.33.0.505_lastUpdate", "1407960113932");
Line Deleted : user_pref("CT3297265.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1407527441680");
Line Deleted : user_pref("CT3297265.serviceLayer_services_searchAPI_lastUpdate", "1407960114199");
Line Deleted : user_pref("CT3297265.serviceLayer_services_serviceMap_lastUpdate", "1407960113757");
Line Deleted : user_pref("CT3297265.serviceLayer_services_toolbarContextMenu_lastUpdate", "1407960113789");
Line Deleted : user_pref("CT3297265.serviceLayer_services_toolbarSettings_lastUpdate", "1407960113631");
Line Deleted : user_pref("CT3297265.serviceLayer_services_translation_lastUpdate", "1407960113773");
Line Deleted : user_pref("CT3297265.settingsINI", true);
Line Deleted : user_pref("CT3297265.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3297265.showToolbarPermission", "false");
Line Deleted : user_pref("CT3297265.smartbar.CTID", "CT3297265");
Line Deleted : user_pref("CT3297265.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3297265.smartbar.homepage", "true");
Line Deleted : user_pref("CT3297265.smartbar.toolbarName", "DivX Browser Bar DE ");
Line Deleted : user_pref("CT3297265.startPage", "true");
Line Deleted : user_pref("CT3297265.toolbarBornServerTime", "12-5-2013");
Line Deleted : user_pref("CT3297265.toolbarCurrentServerTime", "13-8-2014");
Line Deleted : user_pref("CT3297265.toolbarLoginClientTime", "Sun May 12 2013 17:48:17 GMT+0200");
Line Deleted : user_pref("CT3297265.versionFromInstaller", "10.16.2.6");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("Smartbar.TBHomepagesList", "");
Line Deleted : user_pref("Smartbar.TBSearchEngineList", "");
Line Deleted : user_pref("Smartbar.TBSearchUrlList", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3297265");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3297265");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3297265&CUI=UN57436081810220232&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3297265&SearchSource=2&CUI=UN57436081810220232&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3297265");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3297265");
Line Deleted : user_pref("smartbar.homepageList", "hxxp://search.conduit.com/?ctid=CT3297265&CUI=UN57436081810220232&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource=61&CUI[...]
Line Deleted : user_pref("smartbar.machineId", "R0ZPUMOHE87SUZOIXGRTSRSCBYVFCA83MQZSGDK2ADPFGWYAGCI3F6WGMOA/RPQJ8K0G2KTKNI7FBVSWBGCLAG");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3297265&CUI=UN57436081810220232&UM=2&SearchSource=13");
Line Deleted : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3297265&SearchSource=2&CUI=UN57436081810220232&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT329[...]
Line Deleted : user_pref("valueApps.CT3297265.mam_gk_currentVersion", "312E31332E302E3137");
Line Deleted : user_pref("valueApps.CT3297265.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3297265.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT3297265.mam_gk_migrated_from_ls.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3297265.mam_gk_userBornDate", "4E2F41");
Line Deleted : user_pref("valueApps.CT3297265.mam_gk_userBornDate.storedInFile", false);
-\\ Google Chrome v35.0.1916.153
*************************
AdwCleaner[R0].txt - [15606 octets] - [13/08/2014 22:04:48]
AdwCleaner[S0].txt - [15790 octets] - [13/08/2014 22:24:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15851 octets] ########## --- --- ---
[/CODE] Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Privat on 13.08.2014 at 22:34:43,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{166D820D-915D-47D1-A926-5FECE97F48C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8E10D3CF-AEA7-4A1C-BED2-CC137D173BB6}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Privat\appdata\locallow\boost_interprocess"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.08.2014 at 22:43:54,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-08-2014
Ran by Privat (administrator) on PRIVAT-PC on 13-08-2014 22:50:00
Running from C:\Users\Privat\Desktop\Neuer Ordner
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: Englisch (USA)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
( ) C:\Windows\System32\lxctcoms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files\Lexmark 5400 Series\lxctmon.exe
(Lexmark International Inc.) C:\Program Files\Lexmark 5400 Series\ezprint.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Users\Privat\AppData\Local\temp\TeamViewer\Version9\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TeamViewer GmbH) C:\Users\Privat\AppData\Local\temp\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Users\Privat\AppData\Local\temp\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Users\Privat\AppData\Local\temp\TeamViewer\Version9\TeamViewer_Desktop.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x573D51A2D7E5CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {F792531D-9E64-4113-AB12-FA02C0C3A494} URL = https://www.google.com/search?q={searchTerms}
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {00000000-0000-0000-0000-000000000000} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\x1ovaugy.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-29]
FF HKLM\...\Firefox\Extensions: - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-08-11]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-11]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-08-11]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-08-11]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-08-11]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-20]
CHR Extension: (Google Drive) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-20]
CHR Extension: (YouTube) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-20]
CHR Extension: (Google Search) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-20]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-08-12]
CHR Extension: (avast! Online Security) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-20]
CHR Extension: (Safe Money) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-08-12]
CHR Extension: (Virtual Keyboard) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-08-12]
CHR Extension: (Google Wallet) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
CHR Extension: (Gmail) - C:\Users\Privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-20]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-01-20]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-09]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-09] (AVAST Software)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S2 KSS; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
R2 lxct_device; C:\Windows\system32\lxctcoms.exe [537520 2006-11-22] ( )
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer9; c:\users\privat\appdata\local\temp\teamviewer\version9\TeamViewer_Service.exe [4661056 2014-07-02] (TeamViewer GmbH)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 A2DDA; C:\EEK\RUN\a2ddax86.sys [22056 2014-08-08] (Emsisoft GmbH)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-08-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-08-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-09] ()
S3 cleanhlp; C:\EEK\Run\cleanhlp32.sys [50200 2014-08-08] (Emsisoft GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-08-11] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [94304 2014-08-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [576608 2014-08-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25184 2014-08-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2014-08-11] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-13] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 catchme; \??\C:\Users\Privat\AppData\Local\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 22:34 - 2014-08-13 22:34 - 00000000 ____D () C:\Windows\ERUNT
2014-08-13 22:33 - 2014-08-13 22:33 - 01016261 _____ (Thisisu) C:\Users\Privat\Downloads\JRT.exe
2014-08-13 22:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-13 22:04 - 2014-08-13 22:24 - 00000000 ____D () C:\AdwCleaner
2014-08-12 23:12 - 2014-08-12 23:12 - 00000943 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk
2014-08-12 23:12 - 2014-08-12 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2014-08-12 23:11 - 2014-08-12 23:12 - 00000000 ____D () C:\Program Files\PDF Architect 2
2014-08-12 23:11 - 2014-08-12 23:11 - 00000000 ____D () C:\Users\Privat\Documents\PDF Architect 2
2014-08-12 23:09 - 2014-08-12 23:12 - 00000000 ____D () C:\Program Files\PDFCreator
2014-08-12 23:09 - 2014-08-12 23:09 - 00000949 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-08-12 23:09 - 2014-08-12 23:09 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-08-12 23:09 - 2014-08-12 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-08-12 23:09 - 2014-04-25 17:44 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-08-12 23:09 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\MSMPIDE.DLL
2014-08-12 23:09 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\system32\VB6DE.DLL
2014-08-12 23:09 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCDE.DLL
2014-08-12 23:09 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\MSCC2DE.DLL
2014-08-12 22:34 - 2014-08-12 22:34 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-12 22:34 - 2014-08-12 22:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-12 22:34 - 2014-08-12 22:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-12 22:34 - 2014-08-12 22:34 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-12 22:34 - 2014-08-12 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-12 22:34 - 2014-08-12 22:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-12 21:44 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-12 21:44 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-12 21:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-12 21:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-12 21:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-12 21:44 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-12 21:44 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-12 21:44 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-12 21:38 - 2014-08-12 22:07 - 00000000 ____D () C:\Qoobox
2014-08-12 21:37 - 2014-08-12 22:02 - 00000000 ____D () C:\Windows\erdnt
2014-08-12 21:36 - 2014-08-12 21:36 - 05569662 ____R (Swearware) C:\Users\Privat\Downloads\ComboFix.exe
2014-08-12 21:25 - 2014-08-12 21:25 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-12 21:24 - 2014-08-12 21:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Privat\Downloads\revosetup95.exe
2014-08-12 21:21 - 2014-08-13 22:50 - 00000000 ____D () C:\Users\Privat\Desktop\Neuer Ordner
2014-08-12 18:49 - 2014-08-13 22:50 - 00000000 ____D () C:\FRST
2014-08-11 23:36 - 2014-08-11 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-08-11 23:35 - 2014-08-11 23:35 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-11 23:34 - 2014-08-11 23:56 - 00576608 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-11 23:34 - 2014-08-11 23:56 - 00094304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-11 23:33 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-08-11 23:33 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-08-11 23:33 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-08-11 23:33 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-08-11 23:33 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-08-11 22:53 - 2014-08-13 22:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-11 22:53 - 2014-08-11 23:34 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2014-08-11 22:53 - 2014-08-11 22:53 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2014-08-11 22:48 - 2014-08-11 22:48 - 00416576 _____ (Kaspersky Lab) C:\Users\Privat\Downloads\kaspersky.exe
2014-08-11 22:15 - 2014-08-11 22:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-11 22:15 - 2014-08-11 22:18 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-11 22:15 - 2014-08-11 22:15 - 00002091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-11 22:15 - 2014-08-11 22:15 - 00002079 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-11 22:15 - 2014-08-11 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-11 22:15 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-08-11 22:12 - 2014-08-11 22:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Privat\Downloads\spybot-2.4.exe
2014-08-11 21:18 - 2014-08-11 21:18 - 01366203 _____ () C:\Users\Privat\Downloads\adwcleaner_3.304.exe
2014-08-09 01:08 - 2014-08-13 21:58 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-09 01:08 - 2014-08-09 01:08 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-09 01:08 - 2014-08-09 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-09 01:08 - 2014-08-09 01:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-09 01:08 - 2014-08-09 01:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-09 01:08 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-09 01:08 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-09 01:08 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-09 01:06 - 2014-08-09 01:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Privat\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-09 01:02 - 2014-08-09 01:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-09 01:02 - 2014-08-09 01:02 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-09 00:04 - 2014-08-09 00:08 - 91906368 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_9_0_2021.exe
2014-08-09 00:04 - 2014-08-09 00:08 - 91906368 _____ (AVAST Software) C:\Users\Privat\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-08 23:53 - 2014-08-09 00:43 - 00007605 _____ () C:\Users\Privat\AppData\Local\Resmon.ResmonCfg
2014-08-08 23:40 - 2014-08-08 23:40 - 00017252 _____ () C:\EamClean.log
2014-08-08 22:45 - 2014-08-08 22:45 - 00000546 _____ () C:\Users\Privat\Desktop\Emsisoft Emergency Kit.lnk
2014-08-08 22:45 - 2014-08-08 22:45 - 00000000 ____D () C:\EEK
2014-08-08 22:30 - 2014-08-08 22:30 - 00000000 ____D () C:\Quarantine
2014-08-08 22:27 - 2014-08-08 22:36 - 198408592 _____ () C:\Users\Privat\Downloads\EmsisoftEmergencyKit.exe
2014-08-08 22:05 - 2014-08-08 22:06 - 00000000 ____D () C:\Program Files\stinger
2014-08-08 22:02 - 2014-08-08 22:02 - 01101648 _____ () C:\Users\Privat\Downloads\McAfee Labs Stinger 32 Bit - CHIP-Installer.exe
2014-08-08 22:01 - 2014-08-08 22:01 - 00000000 ____D () C:\Users\Privat\AppData\Local\Macromedia
2014-08-08 21:54 - 2014-08-08 21:54 - 00000032 _____ () C:\Windows\system32\thxcfg.ini
2014-08-08 21:49 - 2014-08-08 21:49 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\TeamViewer
2014-08-08 21:48 - 2014-08-08 21:48 - 04663368 _____ (TeamViewer) C:\Users\Privat\Desktop\TeamviewerQS_de.exe
2014-07-30 12:22 - 2014-08-01 09:13 - 00000000 ____D () C:\Users\Privat\Documents\Businessplan Philipp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 22:50 - 2014-08-12 21:21 - 00000000 ____D () C:\Users\Privat\Desktop\Neuer Ordner
2014-08-13 22:50 - 2014-08-12 18:49 - 00000000 ____D () C:\FRST
2014-08-13 22:37 - 2013-05-27 09:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-13 22:34 - 2014-08-13 22:34 - 00000000 ____D () C:\Windows\ERUNT
2014-08-13 22:34 - 2009-07-14 06:34 - 00020352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 22:34 - 2009-07-14 06:34 - 00020352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 22:33 - 2014-08-13 22:33 - 01016261 _____ (Thisisu) C:\Users\Privat\Downloads\JRT.exe
2014-08-13 22:29 - 2012-06-13 22:11 - 01533212 _____ () C:\Windows\WindowsUpdate.log
2014-08-13 22:26 - 2014-08-11 22:53 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-13 22:26 - 2012-12-29 19:29 - 00116962 _____ () C:\Windows\PFRO.log
2014-08-13 22:26 - 2012-12-29 18:22 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-08-13 22:26 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-13 22:26 - 2009-07-14 06:39 - 00123777 _____ () C:\Windows\setupact.log
2014-08-13 22:24 - 2014-08-13 22:04 - 00000000 ____D () C:\AdwCleaner
2014-08-13 22:02 - 2012-12-29 21:09 - 00001093 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-13 22:02 - 2012-12-29 21:09 - 00001093 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-13 21:58 - 2014-08-09 01:08 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-13 21:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-12 23:12 - 2014-08-12 23:12 - 00000943 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk
2014-08-12 23:12 - 2014-08-12 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2014-08-12 23:12 - 2014-08-12 23:11 - 00000000 ____D () C:\Program Files\PDF Architect 2
2014-08-12 23:12 - 2014-08-12 23:09 - 00000000 ____D () C:\Program Files\PDFCreator
2014-08-12 23:12 - 2014-04-14 22:54 - 00000000 ___RD () C:\Users\Privat\Dropbox
2014-08-12 23:11 - 2014-08-12 23:11 - 00000000 ____D () C:\Users\Privat\Documents\PDF Architect 2
2014-08-12 23:09 - 2014-08-12 23:09 - 00000949 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-08-12 23:09 - 2014-08-12 23:09 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-08-12 23:09 - 2014-08-12 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-08-12 22:59 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-12 22:34 - 2014-08-12 22:34 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-12 22:34 - 2014-08-12 22:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-12 22:34 - 2014-08-12 22:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-12 22:34 - 2014-08-12 22:34 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-12 22:34 - 2014-08-12 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-12 22:34 - 2014-08-12 22:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-12 22:34 - 2013-07-03 09:36 - 00000000 ____D () C:\Program Files\Java
2014-08-12 22:30 - 2013-11-25 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-08-12 22:30 - 2012-12-29 21:22 - 00000000 ____D () C:\Program Files\DivX
2014-08-12 22:30 - 2012-12-29 21:20 - 00000000 ____D () C:\ProgramData\DivX
2014-08-12 22:07 - 2014-08-12 21:38 - 00000000 ____D () C:\Qoobox
2014-08-12 22:07 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-08-12 22:07 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-08-12 22:02 - 2014-08-12 21:37 - 00000000 ____D () C:\Windows\erdnt
2014-08-12 22:00 - 2014-04-14 22:50 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Dropbox
2014-08-12 21:59 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-08-12 21:58 - 2009-07-14 04:03 - 37224448 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-08-12 21:58 - 2009-07-14 04:03 - 16777216 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-08-12 21:58 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-08-12 21:58 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-08-12 21:58 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-08-12 21:50 - 2014-06-14 19:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-12 21:36 - 2014-08-12 21:36 - 05569662 ____R (Swearware) C:\Users\Privat\Downloads\ComboFix.exe
2014-08-12 21:25 - 2014-08-12 21:25 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-12 21:24 - 2014-08-12 21:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Privat\Downloads\revosetup95.exe
2014-08-12 21:22 - 2014-04-20 19:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-11 23:56 - 2014-08-11 23:34 - 00576608 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-11 23:56 - 2014-08-11 23:34 - 00094304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-11 23:56 - 2013-10-17 15:47 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-08-11 23:56 - 2013-10-17 15:47 - 00025184 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-08-11 23:56 - 2013-06-06 17:38 - 00144992 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-08-11 23:36 - 2014-08-11 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-08-11 23:35 - 2014-08-11 23:35 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-11 23:34 - 2014-08-11 22:53 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2014-08-11 23:34 - 2012-06-13 22:14 - 01522236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-11 23:33 - 2012-12-29 19:18 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-11 22:57 - 2014-03-07 21:07 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-11 22:57 - 2014-03-07 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-11 22:57 - 2012-12-29 21:17 - 00000000 ____D () C:\ProgramData\Skype
2014-08-11 22:53 - 2014-08-11 22:53 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2014-08-11 22:48 - 2014-08-11 22:48 - 00416576 _____ (Kaspersky Lab) C:\Users\Privat\Downloads\kaspersky.exe
2014-08-11 22:43 - 2014-08-11 22:15 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-11 22:18 - 2014-08-11 22:15 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-08-11 22:15 - 2014-08-11 22:15 - 00002091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-11 22:15 - 2014-08-11 22:15 - 00002079 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-11 22:15 - 2014-08-11 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-11 22:14 - 2014-08-11 22:12 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Privat\Downloads\spybot-2.4.exe
2014-08-11 22:03 - 2013-11-29 19:46 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-11 21:59 - 2013-11-29 19:47 - 00002119 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-11 21:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2014-08-11 21:43 - 2014-06-21 21:04 - 00000000 ____D () C:\ProgramData\AppSnow
2014-08-11 21:18 - 2014-08-11 21:18 - 01366203 _____ () C:\Users\Privat\Downloads\adwcleaner_3.304.exe
2014-08-11 12:49 - 2012-12-29 21:20 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\GG
2014-08-09 01:08 - 2014-08-09 01:08 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-09 01:08 - 2014-08-09 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-09 01:08 - 2014-08-09 01:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-09 01:08 - 2014-08-09 01:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-09 01:06 - 2014-08-09 01:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Privat\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-09 01:02 - 2014-08-09 01:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-09 01:02 - 2014-08-09 01:02 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-09 01:02 - 2014-01-15 11:54 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-08-09 01:02 - 2013-11-29 19:46 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-09 01:02 - 2013-11-29 19:46 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-09 01:02 - 2013-11-29 19:46 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-09 01:02 - 2013-11-29 19:46 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-09 01:02 - 2013-11-29 19:46 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-09 01:02 - 2013-11-29 19:46 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-09 00:43 - 2014-08-08 23:53 - 00007605 _____ () C:\Users\Privat\AppData\Local\Resmon.ResmonCfg
2014-08-09 00:08 - 2014-08-09 00:04 - 91906368 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_9_0_2021.exe
2014-08-09 00:08 - 2014-08-09 00:04 - 91906368 _____ (AVAST Software) C:\Users\Privat\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-08 23:40 - 2014-08-08 23:40 - 00017252 _____ () C:\EamClean.log
2014-08-08 22:45 - 2014-08-08 22:45 - 00000546 _____ () C:\Users\Privat\Desktop\Emsisoft Emergency Kit.lnk
2014-08-08 22:45 - 2014-08-08 22:45 - 00000000 ____D () C:\EEK
2014-08-08 22:37 - 2012-06-13 22:27 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-08-08 22:37 - 2012-06-13 22:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-08-08 22:36 - 2014-08-08 22:27 - 198408592 _____ () C:\Users\Privat\Downloads\EmsisoftEmergencyKit.exe
2014-08-08 22:30 - 2014-08-08 22:30 - 00000000 ____D () C:\Quarantine
2014-08-08 22:07 - 2014-06-14 19:19 - 00000000 ____D () C:\Program Files\TrojanHunter 5.5
2014-08-08 22:06 - 2014-08-08 22:05 - 00000000 ____D () C:\Program Files\stinger
2014-08-08 22:02 - 2014-08-08 22:02 - 01101648 _____ () C:\Users\Privat\Downloads\McAfee Labs Stinger 32 Bit - CHIP-Installer.exe
2014-08-08 22:01 - 2014-08-08 22:01 - 00000000 ____D () C:\Users\Privat\AppData\Local\Macromedia
2014-08-08 21:54 - 2014-08-08 21:54 - 00000032 _____ () C:\Windows\system32\thxcfg.ini
2014-08-08 21:49 - 2014-08-08 21:49 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\TeamViewer
2014-08-08 21:48 - 2014-08-08 21:48 - 04663368 _____ (TeamViewer) C:\Users\Privat\Desktop\TeamviewerQS_de.exe
2014-08-08 21:24 - 2014-04-14 22:54 - 00001021 _____ () C:\Users\Privat\Desktop\Dropbox.lnk
2014-08-08 21:24 - 2014-04-14 22:53 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-01 09:13 - 2014-07-30 12:22 - 00000000 ____D () C:\Users\Privat\Documents\Businessplan Philipp
2014-08-01 09:09 - 2013-03-13 15:21 - 00000000 ____D () C:\Users\Privat\Documents\Briefe
Some content of TEMP:
====================
C:\Users\Privat\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpu6u0dc.dll
C:\Users\Privat\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-07 11:21
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-08-2014
Ran by Privat at 2014-08-13 22:50:33
Running from C:\Users\Privat\Desktop\Neuer Ordner
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
GG (HKCU\...\GG) (Version: 11 - GG Network S.A.)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
Kaspersky Internet Security (HKLM\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Kaspersky Security Scan (Version: 12.0.1.881 - Kaspersky Lab) Hidden
Lexmark 5400 Series (HKLM\...\Lexmark 5400 Series) (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.75.420 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
PDF Architect 2 (HKLM\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WinISO (HKLM\...\WinISO) (Version: 6.3.0.4722 - WinISO Computing Inc.)
WinRAR Archivierer (HKLM\...\WinRAR archiver) (Version: - )
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-176602296-3208371113-2143824810-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Privat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
21-06-2014 19:43:17 Geplanter Prüfpunkt
28-07-2014 08:07:23 Geplanter Prüfpunkt
07-08-2014 09:28:41 Geplanter Prüfpunkt
08-08-2014 23:01:10 avast! antivirus system restore point
11-08-2014 19:58:16 avast! antivirus system restore point
11-08-2014 21:33:01 Windows Update
12-08-2014 19:29:21 Revo Uninstaller's restore point - SkypEmoticons
12-08-2014 21:11:32 Installed PDF Architect 2 View Module
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2014-08-12 21:57 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {22D86BC8-EA60-4BCD-97D7-94439E6FF99B} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
Task: {41CCEEF2-8660-4EAE-8A60-8075C4508786} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-08] (Adobe Systems Incorporated)
Task: {850C1976-76C0-4E93-82EA-9729695A0D05} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {AE0A3BD8-C696-45E4-98F5-9B640140218A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {BF2A583E-0C1A-4772-8BDC-128DE97A2365} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {D6936D74-F0D2-4B87-A6BF-E193BCD06580} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-09] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-08-09 01:01 - 2014-08-09 01:01 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-13 20:59 - 2014-08-13 20:59 - 02797056 _____ () C:\Program Files\AVAST Software\Avast\defs\14081301\algo.dll
2013-01-05 17:28 - 2006-10-18 07:36 - 00045056 _____ () C:\Windows\System32\lxctpmon.dll
2013-01-05 17:28 - 2006-10-18 06:30 - 00032768 _____ () C:\Program Files\Lexmark 5400 Series\ipcmt.dll
2013-01-05 17:28 - 2006-10-18 07:43 - 00012288 _____ () C:\Windows\System32\lxctpmrc.dll
2013-01-05 17:28 - 2006-11-13 05:35 - 00118784 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxctdrpp.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-01-05 17:28 - 2006-11-22 11:11 - 00291760 _____ () C:\Program Files\Lexmark 5400 Series\lxctmon.exe
2013-01-05 17:28 - 2006-08-08 16:54 - 00278528 _____ () C:\Program Files\Lexmark 5400 Series\lxctscw.dll
2013-01-05 17:28 - 2006-06-09 03:39 - 00143360 _____ () C:\Program Files\Lexmark 5400 Series\lxctdrec.dll
2013-01-05 17:28 - 2006-05-25 17:20 - 00241664 _____ () C:\Program Files\Lexmark 5400 Series\iptk.dll
2014-08-11 22:15 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-11 22:15 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-11 22:15 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-11 22:15 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-11 22:15 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-09 01:02 - 2014-08-09 01:02 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2006-08-08 16:58 - 2006-08-08 16:58 - 00692224 _____ () C:\Windows\system32\lxctdrs.dll
2006-08-14 18:17 - 2006-08-14 18:17 - 00065536 _____ () C:\Windows\system32\lxctcaps.dll
2006-05-03 15:31 - 2006-05-03 15:31 - 00061440 _____ () C:\Windows\system32\lxctcnv4.dll
2012-12-29 19:06 - 2004-09-18 09:43 - 00121856 _____ () C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Privat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GG => "C:\Users\Privat\AppData\Local\GG\Application\gghub.exe"
MSCONFIG\startupreg: KSS => "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
MSCONFIG\startupreg: LXCTCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
MSCONFIG\startupreg: NeroCheck => C:\Windows\system32\NeroCheck.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-08-12 21:45:23.924
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-12 21:45:23.924
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 3549.12 MB
Available physical RAM: 2358.13 MB
Total Pagefile: 7096.51 MB
Available Pagefile: 5485.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:149.9 GB) (Free:112.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (Bilder & Filme) (Fixed) (Total:100 GB) (Free:81.41 GB) NTFS
Drive h: (Volume) (Fixed) (Total:166.02 GB) (Free:46.87 GB) NTFS
Drive i: (Volume) (Fixed) (Total:199.74 GB) (Free:49.71 GB) NTFS
Drive z: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 95B995B9)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=150 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 11C911C9)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=166 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Dürfte ich noch wissen, was jetzt zu diesem Verhalten geführt hat und u.a. wie wurde das Problem mit den Berechtigungen behoben? Danke vorab :-)
Viele Grüße
Gutealtezeit |