Hallo Schrauber,
sauber sieht irgendwie anders aus, oder? :( . Richtige Probleme sind mir beim Arbeiten nicht aufgefallen, außer, dass plötzlich 'PC Tools Registry Mechanic' gestartet ist, was immer das sein mag?! Hier die angeforderten Protokolle:
ESET: Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ae92624758c4af42a974b21f2a92084c
# engine=21965
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-14 05:24:25
# local_time=2015-01-14 06:24:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 81414 165808443 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 19194048 172886115 0 0
# scanned=264025
# found=60
# cleaned=0
# scan_time=6506
sh=22A173FA7CB7485FFBCE1C033DED3550C3FB06EA ft=1 fh=b609cb66d5744ed7 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Simone\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll.vir"
sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Simone\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll.vir"
sh=C940F4029FE46A5F7B471214AC683B5FEBB26831 ft=1 fh=e14799081e7d1361 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=DACCEF26229D06C78049B88C7BE2772EA347B8A2 ft=1 fh=fefb97b647b2f1e6 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Jenya_Games_2\hk64tbJeny.dll"
sh=A473F1057D0844C61ED68047F97C6CD8B3F79F51 ft=1 fh=851ca62d1383db26 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Jenya_Games_2\hktbJeny.dll"
sh=28F30DCBC3836B85CF84C0445F20FDD74276105F ft=1 fh=a5122cc400caea7d vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Jenya_Games_2\ldrtbJeny.dll"
sh=D92C60CCE0049F2F7FB25ECBED01C7E89DC43988 ft=1 fh=854242ae4b4cbd77 vn="Win32/Toolbar.Conduit.N evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Jenya_Games_2\prxtbJeny.dll"
sh=4C716303AC281E9F6F92DBAA25DFCF342B2E8300 ft=1 fh=2ce425e33ba62b65 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Jenya_Games_2\tbJeny.dll"
sh=DACCEF26229D06C78049B88C7BE2772EA347B8A2 ft=1 fh=fefb97b647b2f1e6 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Saphira2\AppData\LocalLow\Jenya_Games_2\hk64tbJeny.dll"
sh=A473F1057D0844C61ED68047F97C6CD8B3F79F51 ft=1 fh=851ca62d1383db26 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Saphira2\AppData\LocalLow\Jenya_Games_2\hktbJeny.dll"
sh=28F30DCBC3836B85CF84C0445F20FDD74276105F ft=1 fh=a5122cc400caea7d vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Saphira2\AppData\LocalLow\Jenya_Games_2\ldrtbJeny.dll"
sh=594E0844207ADD0DBD163E1AFB7696BAA25CB961 ft=1 fh=b78030dcfe359240 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Saphira2\AppData\LocalLow\Jenya_Games_2\tbJen1.dll"
sh=4C716303AC281E9F6F92DBAA25DFCF342B2E8300 ft=1 fh=2ce425e33ba62b65 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Saphira2\AppData\LocalLow\Jenya_Games_2\tbJeny.dll"
sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Saphira2\AppData\LocalLow\Jenya_Games_2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll"
sh=1F55D8E2F8FC4E59BD273385B36F587A6339D154 ft=1 fh=cff91789842d382b vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\hk64tbJen0.dll"
sh=37FDC039C02562267559D42D94DDB64B692FD091 ft=1 fh=7aeecd1bb81f6a22 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\hk64tbJen2.dll"
sh=DACCEF26229D06C78049B88C7BE2772EA347B8A2 ft=1 fh=fefb97b647b2f1e6 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\hk64tbJeny.dll"
sh=580C2639CC01D65EB0FCEB9DD82C837172F1685A ft=1 fh=1952ebb7aff3fa0f vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\hktbJen0.dll"
sh=A6D053127826CDA8DD8FCDBB4E81F63000910624 ft=1 fh=e8f05c501331b563 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\hktbJen2.dll"
sh=A473F1057D0844C61ED68047F97C6CD8B3F79F51 ft=1 fh=851ca62d1383db26 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\hktbJeny.dll"
sh=EBAFB2A15CAC7320C18180C08C710DDF26D2377D ft=1 fh=719e845c1b9128d3 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\ldrtbJen0.dll"
sh=28F30DCBC3836B85CF84C0445F20FDD74276105F ft=1 fh=a5122cc400caea7d vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\ldrtbJeny.dll"
sh=AA02280C86FEA8E28A4DFF9716B10A8A78000A4B ft=1 fh=4057356bf50aa26b vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\prxtbJen0.dll"
sh=7BBC831D6FFD6C5E502F77E8F9CEA30E3591B4D5 ft=1 fh=115fba91741456d3 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\tbJen0.dll"
sh=A7EBFC93E91E27D27C26D1E9483909E41F3A32FC ft=1 fh=ea857f061ec5d00e vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\tbJen1.dll"
sh=7148AC44C7FE0CB8D30A12ACB28171AE1F609C20 ft=1 fh=779162af1796b620 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\tbJen2.dll"
sh=4C716303AC281E9F6F92DBAA25DFCF342B2E8300 ft=1 fh=2ce425e33ba62b65 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\tbJeny.dll"
sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\LocalLow\Jenya_Games_2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll"
sh=368CF1D82743DEA9535487984406DD6C46D74826 ft=1 fh=1faa9e135822b4ec vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].004"
sh=E1E55409ACA6CB28FAE7E00574E84F20AF171910 ft=1 fh=f7422f18f16fdeb5 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].007"
sh=C4785CD4E51A3866D1AF76A799DB05EAAFBC5180 ft=1 fh=61df1471ccccc8e4 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].048"
sh=3BF4B4CAD7F1B223D65C149803A83373C91DB874 ft=1 fh=bbc461a2dbace21f vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].058"
sh=4B90C9972C5120B60E31221DC6BE6B821CB66CA9 ft=1 fh=2f80823b6f10ab5d vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].059"
sh=36B7B96EB53DA16D1FF11B7E9FF7F5CB50B32611 ft=1 fh=c25161fd9a01116d vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].004"
sh=11C244029AF2991F216FF2A15BEBC53C5C61D952 ft=1 fh=2cbc50a775474bb5 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].036"
sh=5F7FF643BF65EA65D4BD1F5B4127E7936F2CCA5D ft=1 fh=cbe7168a72d2bc77 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].037"
sh=C4785CD4E51A3866D1AF76A799DB05EAAFBC5180 ft=1 fh=61df1471ccccc8e4 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].052"
sh=C4785CD4E51A3866D1AF76A799DB05EAAFBC5180 ft=1 fh=61df1471ccccc8e4 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].057"
sh=C9AE242E9680F6E470392C6C215DD55BD07FE2D4 ft=1 fh=d4b0879f4d00966c vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[1].004"
sh=75A377CBC3D3354BF0DD7B5F1D26BFFF73744B92 ft=1 fh=8248de016d1d2bbb vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[1].006"
sh=DC287D9AF69775BBB2DB89A00A3DF4E9DB35C46F ft=1 fh=298a8d7888b4be83 vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[2].004"
sh=75A377CBC3D3354BF0DD7B5F1D26BFFF73744B92 ft=1 fh=8248de016d1d2bbb vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\wajam_update[1].005"
sh=B0C4AA365CEFDEE85126CC99CC5F82EA1ABFD664 ft=1 fh=495f2201d59c5c4d vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\wajam_update[1].034"
sh=368CF1D82743DEA9535487984406DD6C46D74826 ft=1 fh=1faa9e135822b4ec vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].004"
sh=E1E55409ACA6CB28FAE7E00574E84F20AF171910 ft=1 fh=f7422f18f16fdeb5 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].007"
sh=C4785CD4E51A3866D1AF76A799DB05EAAFBC5180 ft=1 fh=61df1471ccccc8e4 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].048"
sh=3BF4B4CAD7F1B223D65C149803A83373C91DB874 ft=1 fh=bbc461a2dbace21f vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].058"
sh=4B90C9972C5120B60E31221DC6BE6B821CB66CA9 ft=1 fh=2f80823b6f10ab5d vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].059"
sh=36B7B96EB53DA16D1FF11B7E9FF7F5CB50B32611 ft=1 fh=c25161fd9a01116d vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].004"
sh=11C244029AF2991F216FF2A15BEBC53C5C61D952 ft=1 fh=2cbc50a775474bb5 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].036"
sh=5F7FF643BF65EA65D4BD1F5B4127E7936F2CCA5D ft=1 fh=cbe7168a72d2bc77 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].037"
sh=C4785CD4E51A3866D1AF76A799DB05EAAFBC5180 ft=1 fh=61df1471ccccc8e4 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].052"
sh=C4785CD4E51A3866D1AF76A799DB05EAAFBC5180 ft=1 fh=61df1471ccccc8e4 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1].057"
sh=C9AE242E9680F6E470392C6C215DD55BD07FE2D4 ft=1 fh=d4b0879f4d00966c vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[1].004"
sh=75A377CBC3D3354BF0DD7B5F1D26BFFF73744B92 ft=1 fh=8248de016d1d2bbb vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[1].006"
sh=DC287D9AF69775BBB2DB89A00A3DF4E9DB35C46F ft=1 fh=298a8d7888b4be83 vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[2].004"
sh=75A377CBC3D3354BF0DD7B5F1D26BFFF73744B92 ft=1 fh=8248de016d1d2bbb vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\wajam_update[1].005"
sh=B0C4AA365CEFDEE85126CC99CC5F82EA1ABFD664 ft=1 fh=495f2201d59c5c4d vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\wajam_update[1].034"
SecurityCheck: Code:
Results of screen317's Security Check version 0.99.93
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 11 ``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 15.0.0.246 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 8.0 Firefox out of Date!
Google Chrome (39.0.2171.71)
Google Chrome (39.0.2171.95) ````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Online Games Manager ogmservice.exe `````````````````System Health check`````````````````
Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````
FRST:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2015 01
Ran by Simone (administrator) on SIMONE-PC on 14-01-2015 19:20:15
Running from C:\Users\Simone\Desktop
Loaded Profiles: Simone & Saphira2 (Available profiles: Simone & Saphira2)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [306472 2009-11-13] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2010-01-18] (Acer Corp.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-213347696-1288795008-3362068849-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-22] (Google Inc.)
HKU\S-1-5-21-213347696-1288795008-3362068849-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-213347696-1288795008-3362068849-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-213347696-1288795008-3362068849-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-213347696-1288795008-3362068849-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-213347696-1288795008-3362068849-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-213347696-1288795008-3362068849-1003\...\MountPoints2: {8555645a-ec46-11df-b7a2-806e6f6e6963} - D:\Autorun.exe
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)
GroupPolicyUsers\S-1-5-21-213347696-1288795008-3362068849-1003\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-213347696-1288795008-3362068849-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360111e125l04g4z195t4402d288
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360111e125l04g4z195t4402d288
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360111e125l04g4z195t4402d288
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-213347696-1288795008-3362068849-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-213347696-1288795008-3362068849-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-213347696-1288795008-3362068849-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-213347696-1288795008-3362068849-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360111e125l04g4z195t4402d288
URLSearchHook: HKLM-x32 - Jenya Games 2 Toolbar - {e4f9f5e3-1ff4-4c0b-b933-5b287a439842} - C:\Program Files (x86)\Jenya_Games_2\prxtbJeny.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-213347696-1288795008-3362068849-1000 - Jenya Games 2 Toolbar - {e4f9f5e3-1ff4-4c0b-b933-5b287a439842} - C:\Program Files (x86)\Jenya_Games_2\prxtbJeny.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-213347696-1288795008-3362068849-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE414DE416
SearchScopes: HKU\S-1-5-21-213347696-1288795008-3362068849-1000 -> {61DA6A37-4EE0-4757-8EB3-C5563ECB7AE6} URL =
SearchScopes: HKU\S-1-5-21-213347696-1288795008-3362068849-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE414DE416
SearchScopes: HKU\S-1-5-21-213347696-1288795008-3362068849-1003 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=COHM8afDmLYCFQ-7zAod4zEAcw&ptb=71C1B111-B17C-4590-B510-3AB267E5B407&ind=2013092314&n=77fd59da&psa=&st=sb&searchfor={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\SysWow64\Msdxm6.ocx (Microsoft Corporation)
Toolbar: HKLM-x32 - Jenya Games 2 Toolbar - {e4f9f5e3-1ff4-4c0b-b933-5b287a439842} - C:\Program Files (x86)\Jenya_Games_2\prxtbJeny.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-213347696-1288795008-3362068849-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-213347696-1288795008-3362068849-1000 -> No Name - {E4F9F5E3-1FF4-4C0B-B933-5B287A439842} - No File
Toolbar: HKU\S-1-5-21-213347696-1288795008-3362068849-1003 -> No Name - {E4F9F5E3-1FF4-4C0B-B933-5B287A439842} - No File
Toolbar: HKU\S-1-5-21-213347696-1288795008-3362068849-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\SysWow64\Msdxm6.ocx (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\v7m5dzfj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\v7m5dzfj.default\Extensions\toolbar@web.de.xpi [2011-12-30]
FF HKU\S-1-5-21-213347696-1288795008-3362068849-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-23]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-23]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-08] (Avira Operations GmbH & Co. KG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-14 19:19 - 2015-01-14 19:19 - 00000000 ____D () C:\Users\Simone\Desktop\FRST-OlderVersion
2015-01-14 19:18 - 2015-01-14 19:18 - 00001120 _____ () C:\Users\Simone\Desktop\checkup.txt
2015-01-14 19:12 - 2015-01-14 19:12 - 00852505 _____ () C:\Users\Simone\Desktop\SecurityCheck.exe
2015-01-14 19:09 - 2015-01-14 19:09 - 00015655 _____ () C:\Users\Simone\Desktop\eset.txt
2015-01-14 16:32 - 2015-01-14 16:32 - 02347384 _____ (ESET) C:\Users\Simone\Desktop\esetsmartinstaller_deu.exe
2015-01-13 21:59 - 2015-01-13 21:59 - 00002119 _____ () C:\Users\Simone\Desktop\JRT.txt
2015-01-13 21:54 - 2015-01-13 21:54 - 00000000 ____D () C:\Windows\ERUNT
2015-01-13 21:53 - 2015-01-13 21:53 - 01707939 _____ (Thisisu) C:\Users\Simone\Desktop\JRT.exe
2015-01-13 21:44 - 2015-01-13 21:44 - 00009529 _____ () C:\Users\Simone\Desktop\AdwCleaner[S0].txt
2015-01-13 21:38 - 2015-01-13 21:42 - 00000000 ____D () C:\AdwCleaner
2015-01-13 21:36 - 2015-01-13 21:36 - 02191360 _____ () C:\Users\Simone\Desktop\AdwCleaner_4.107.exe
2015-01-13 21:30 - 2015-01-13 21:30 - 00052476 _____ () C:\Users\Simone\Desktop\mbam.txt
2015-01-13 20:47 - 2015-01-13 21:29 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-13 20:47 - 2015-01-13 20:47 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-13 20:47 - 2015-01-13 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-13 20:47 - 2015-01-13 20:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-13 20:47 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-13 20:47 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-13 20:47 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-13 20:45 - 2015-01-13 20:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Simone\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-12 23:53 - 2015-01-12 23:53 - 00021519 _____ () C:\Users\Simone\Desktop\combofix.txt
2015-01-12 23:49 - 2015-01-12 23:49 - 00021519 _____ () C:\ComboFix.txt
2015-01-12 23:29 - 2015-01-12 23:49 - 00000000 ____D () C:\Qoobox
2015-01-12 23:29 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-12 23:29 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-12 23:29 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-12 23:29 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-12 23:29 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-12 23:29 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-12 23:29 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-12 23:29 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-12 23:23 - 2015-01-13 21:20 - 00000000 ____D () C:\Windows\erdnt
2015-01-12 23:20 - 2015-01-12 23:20 - 05609736 ____R (Swearware) C:\Users\Simone\Desktop\ComboFix.exe
2015-01-12 22:21 - 2015-01-12 22:21 - 00000744 _____ () C:\Users\Simone\Desktop\Revo Uninstaller.lnk
2015-01-12 22:19 - 2015-01-12 22:19 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simone\Desktop\revosetup95.exe
2015-01-12 19:55 - 2015-01-13 22:06 - 00021734 _____ () C:\Users\Simone\Desktop\Addition.txt
2015-01-12 19:53 - 2015-01-14 19:20 - 00018774 _____ () C:\Users\Simone\Desktop\FRST.txt
2015-01-12 19:53 - 2015-01-14 19:20 - 00000000 ____D () C:\FRST
2015-01-12 19:51 - 2015-01-12 19:51 - 00000474 _____ () C:\Users\Simone\Desktop\defogger_disable.log
2015-01-12 19:51 - 2015-01-12 19:51 - 00000000 _____ () C:\Users\Simone\defogger_reenable
2015-01-12 19:50 - 2015-01-14 19:19 - 02125312 _____ (Farbar) C:\Users\Simone\Desktop\FRST64.exe
2015-01-12 19:48 - 2015-01-12 19:48 - 00050477 _____ () C:\Users\Simone\Desktop\Defogger.exe
2015-01-10 00:15 - 2015-01-10 00:29 - 3192264704 _____ () C:\Users\Simone\Desktop\X15-65741.iso
2015-01-04 19:25 - 2015-01-04 19:25 - 00000000 ____D () C:\Users\Simone\Documents\My Weblog Posts
2015-01-04 19:25 - 2015-01-04 19:25 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Windows Live Writer
2015-01-04 19:24 - 2015-01-04 19:25 - 00000000 ____D () C:\Users\Simone\AppData\Local\Windows Live Writer
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-14 19:18 - 2010-11-09 22:21 - 01820963 _____ () C:\Windows\WindowsUpdate.log
2015-01-14 19:08 - 2013-07-03 18:00 - 00000414 _____ () C:\Windows\SysWOW64\AppLog.log
2015-01-14 19:08 - 2013-06-28 16:45 - 00000286 _____ () C:\Windows\Tasks\RMSchedule.job
2015-01-14 19:08 - 2010-11-09 22:31 - 00000000 ____D () C:\ProgramData\Temp
2015-01-14 19:07 - 2012-04-10 10:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-14 19:07 - 2011-01-16 21:55 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-14 16:34 - 2010-11-10 07:11 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2015-01-14 16:34 - 2010-11-10 07:11 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2015-01-14 16:34 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 16:34 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 16:34 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 16:28 - 2013-06-28 16:45 - 00000286 _____ () C:\Windows\Tasks\RMAutoUpdate.job
2015-01-14 16:28 - 2013-06-28 16:45 - 00000000 ____D () C:\Program Files (x86)\PC Tools Registry Mechanic
2015-01-14 16:28 - 2011-01-16 21:55 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-14 16:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 16:26 - 2009-07-14 05:51 - 00099165 _____ () C:\Windows\setupact.log
2015-01-13 21:43 - 2010-11-09 22:15 - 00291338 _____ () C:\Windows\PFRO.log
2015-01-13 21:18 - 2013-06-28 16:43 - 00000000 ____D () C:\Program Files (x86)\Jenya_Games_2
2015-01-13 20:47 - 2012-11-03 16:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-13 20:46 - 2012-04-10 10:58 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 20:46 - 2012-04-10 10:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-13 20:46 - 2011-12-27 10:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-12 23:45 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-12 19:51 - 2011-01-14 18:42 - 00000000 ____D () C:\Users\Simone
2015-01-12 19:41 - 2011-12-10 16:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-12 19:40 - 2013-06-28 16:29 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Skype
2015-01-12 19:40 - 2013-06-28 16:29 - 00000000 ____D () C:\ProgramData\Skype
2015-01-08 07:05 - 2014-06-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-08 07:04 - 2014-06-09 15:37 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-06 13:50 - 2014-11-21 21:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-18 20:45 - 2013-10-06 17:35 - 00001350 _____ () C:\Users\Saphira2\Desktop\Clean Registry for Free!.lnk
2014-12-17 20:55 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Some content of TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\avgnt.exe
C:\Users\Simone\AppData\Local\Temp\Quarantine.exe
C:\Users\Simone\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 21:14
==================== End Of Log ============================ --- --- ---
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2015 01
Ran by Simone at 2015-01-14 19:21:36
Running from C:\Users\Simone\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1 (HKLM-x32\...\{1C17CC71-2559-4819-88FF-EF2978986BB1}_is1) (Version: - S-A-D)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7319 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7319 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3007 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.02.0804 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: Version 7.102.2002.209 - Alps Electric)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Belkin Connect Wireless USB Adapter (HKLM-x32\...\InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}) (Version: 1.0.0.3 - Belkin)
Belkin Connect Wireless USB Adapter (x32 Version: 1.0.0.3 - Belkin) Hidden
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Christmasville (HKLM-x32\...\{D178746E-0919-424E-88A7-81A0E46FF03E}) (Version: 1.00.0000 - Purplehills)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cooking Dash(R) 3 - Thrills & Spills (HKLM-x32\...\08ab9cbf5344299c7d466bd8e94d7e0a) (Version: - )
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Delicious - Emily's True Love Deluxe (HKLM-x32\...\c40ba4951166b25188105b97864d7512) (Version: - )
Der Stein der Weisen (HKLM-x32\...\Der Stein der Weisen) (Version: - )
Die Jaeger des Geisterhauses 2 (HKLM-x32\...\Die Jaeger des Geisterhauses 2) (Version: 1.0 - Rondomedia)
Die Legende von Pocahontas (HKLM-x32\...\{00B52299-F42A-40C3-8232-F987B86E3FD6}_is1) (Version: - cerasus.media GmbH)
Die Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version: - Electronic Arts)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Fiesta Online DE (HKLM-x32\...\Fiesta Online DE) (Version: 1.04.168 - Gamigo games)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
Holly - Ein Weihnachtsmärchen (HKLM-x32\...\{8F08E12A-363F-4F69-8BC8-0E0EA502A6ED}) (Version: 1.00.0000 - Purplehills)
Holly im Wunderland (HKLM-x32\...\Holly im Wunderland) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Jäger des Geisterhauses (HKLM-x32\...\Jäger des Geisterhauses_is1) (Version: - Rondomedia GmbH)
Jenya Games 2 Toolbar (HKLM-x32\...\Jenya_Games_2 Toolbar) (Version: 6.13.3.505 - Jenya Games 2)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Katy and Bob - Way Back Home (HKLM-x32\...\1e02170593d9ccb9b0fde61815a4d0a4) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 8.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 8.0 (x86 de)) (Version: 8.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysteryville 2 (HKLM-x32\...\{7730D510-6DE2-4CD4-8F58-0B04680AEFE6}) (Version: 1.00.0000 - Mysteryville 2)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 3.7.2.5 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
PC Tools Registry Mechanic 11.1 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools)
Pineview Drive (HKLM-x32\...\Steam App 288880) (Version: - VIS - Visual Imagination Software)
PirateVille (HKLM-x32\...\PirateVille) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sally's Salon (HKLM-x32\...\bab3573d4d9b902ade5e750cb61a6c3f) (Version: - )
secrets of tahiti (HKLM-x32\...\secrets of tahiti) (Version: - )
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3013 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Wizard101(DE) (HKU\S-1-5-21-213347696-1288795008-3362068849-1000\...\Wizard101(DE)_is1) (Version: - Gameforge 4D GmbH)
Zoo Safari (HKLM-x32\...\Zoo Safari_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Zuma Deluxe (HKLM-x32\...\991f99f096d8e5496b7bc09fa0270ff4) (Version: - )
Zuma's Revenge!(TM) (HKLM-x32\...\9e355f5d79e9bfe6c16a3c3e03255ace) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
18-12-2014 14:30:20 Windows Update
18-12-2014 21:10:24 Windows Update
19-12-2014 21:04:18 Windows Update
04-01-2015 21:20:58 Geplanter Prüfpunkt
05-01-2015 23:15:05 Windows Update
06-01-2015 16:57:30 Windows Update
08-01-2015 07:04:17 Windows Update
10-01-2015 00:47:44 Windows Update
12-01-2015 19:39:28 Removed Skype™ 6.20
12-01-2015 19:40:39 Removed Skype Click to Call
12-01-2015 20:19:03 Windows Update
12-01-2015 22:23:58 Revo Uninstaller's restore point - Advanced-System Protector
12-01-2015 22:37:05 Revo Uninstaller's restore point - Babylon toolbar
12-01-2015 22:44:22 Wiederherstellungsvorgang
12-01-2015 23:02:20 Revo Uninstaller's restore point - BrowserProtect
12-01-2015 23:07:00 Revo Uninstaller's restore point - Claro LTD toolbar
12-01-2015 23:09:36 Revo Uninstaller's restore point - Optimizer Pro v3.0
12-01-2015 23:11:15 Revo Uninstaller's restore point - RegClean Pro
12-01-2015 23:14:37 Revo Uninstaller's restore point - Video Download Converter version 1.0.0.0
12-01-2015 23:15:38 Revo Uninstaller's restore point - VideoDownloadConverter Toolbar
12-01-2015 23:16:47 Revo Uninstaller's restore point - Wajam
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0764CEC8-B31A-4C89-A1C2-931483368989} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {1AD67FAA-56F8-4EEC-B8F0-0315304D6739} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {2A3F53D7-9E01-4D55-BC18-E2C856A3CF22} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [2012-08-21] (PC Tools)
Task: {970FB604-C1F4-4D49-BF27-D4B2F201F2AD} - System32\Tasks\{63B92A31-A0BD-4816-8FB0-053ACD4D013A} => C:\Program Files (x86)\EA GAMES\Die Sims 2\Base\TSBin\Sims2Launcher.exe [2009-07-13] (Electronic Arts)
Task: {B6DD2BA3-D2B6-4287-942F-3054D929D1B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {BC1E5CDC-0D7E-4FCE-B381-334B08FBFF83} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe [2012-08-21] (PC Tools)
Task: {D3E26ADA-897A-42F9-9B4A-5ABEA474196F} - System32\Tasks\Norton Security Scan for Simone => C:\Program Files (x86)\Norton Security Scan\Engine\3.7.2.5\Nss.exe [2012-04-03] (Symantec Corporation)
Task: {D533EDD0-1D40-403B-9C18-E27AA99FB116} - System32\Tasks\{07D0D82D-B9C6-4811-8D27-7E772CB52F6B} => C:\Program Files (x86)\EA GAMES\Die Sims 2\Base\TSBin\Sims2Launcher.exe [2009-07-13] (Electronic Arts)
Task: {DFD3C836-F3D9-4CDD-8A3B-42EF218994D4} - System32\Tasks\{6D13A28A-6AC1-44BC-90D3-C3BC6B3B55EA} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.367/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Simone.job => C:\PROGRA~2\NORTON~2\Engine\372~1.5\Nss.exe
Task: C:\Windows\Tasks\RMAutoUpdate.job => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe
==================== Loaded Modules (whitelisted) =============
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-213347696-1288795008-3362068849-500 - Administrator - Disabled)
Gast (S-1-5-21-213347696-1288795008-3362068849-501 - Limited - Disabled)
Saphira2 (S-1-5-21-213347696-1288795008-3362068849-1003 - Limited - Enabled) => C:\Users\Saphira2
Simone (S-1-5-21-213347696-1288795008-3362068849-1000 - Administrator - Enabled) => C:\Users\Simone
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/14/2015 07:08:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (01/14/2015 04:33:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (01/14/2015 04:33:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (01/14/2015 04:33:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (01/14/2015 04:33:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (01/14/2015 04:32:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-01-12 23:44:14.151
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-12 23:44:13.948
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 54%
Total physical RAM: 3001.98 MB
Available physical RAM: 1371.92 MB
Total Pagefile: 6002.09 MB
Available Pagefile: 4253.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:284.32 GB) (Free:201.94 GB) NTFS
Drive d: (Sims2) (CDROM) (Total:2.77 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 23618F6A)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284.3 GB) - (Type=07 NTFS)
==================== End Of Log ============================ EwigDank
ochnee |