hier ist der FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2013 01
Ran by Bluep4x (administrator) on BLUEP4X on 25-12-2013 13:54:31
Running from C:\Users\Thomas\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\AI Suite II\Lighting\Lighting.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingBar.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\bingsurrogate.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7158344 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-01] (Intel Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUS Ai Charger] - C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\aprp.exe [3187360 2013-06-21] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-02-16] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [78352 2012-05-23] (cyberlink)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-11-21] (Electronic Arts)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
MountPoints2: {19391c45-ff6b-11e2-be6d-806e6f6e6963} - "F:\Install.exe"
Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration .LNK
ShortcutTarget: Registration .LNK -> D:\SteamLibrary 1\SteamApps\common\Assassins Creed\Register\RegistrationReminder.exe (Ubisoft)
BootExecute: autocheck autochk * sh4native Sh4Removal
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Re-markit - {4d5c5a63-c98f-4693-a3dc-5cf708212045} - C:\Program Files (x86)\Re-markit\150.dll ()
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{1EF16CE7-27BD-418D-8EAE-D520C7E5C11A}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\c0gzrzvn.default
FF user.js: detected! => C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\c0gzrzvn.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\c0gzrzvn.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{1766c545-cec8-4a4d-a869-a22153bec7a3}] - C:\Program Files (x86)\Re-markit\150.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit\150.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit\150.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-05-23] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-05-23] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-05-23] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 70e6ca8c; "c:\progra~2\optimi~1\OptProCrash.exe" [x]
==================== Drivers (Whitelisted) ====================
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-23] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\G:\690b33e1-0462-4e84-9bea-c7552b45432a.sys [x]
S3 UCORESYS; \??\G:\UCORESYS.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-25 13:54 - 2013-12-25 13:54 - 00015654 _____ C:\Users\Thomas\Downloads\FRST.txt
2013-12-25 13:53 - 2013-12-25 13:53 - 00000000 ____D C:\FRST
2013-12-25 13:50 - 2013-12-25 13:50 - 01928636 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2013-12-25 02:43 - 2013-12-25 02:43 - 00000052 _____ C:\Users\Thomas\Desktop\güeni wörter.txt
2013-12-25 02:26 - 2013-12-25 02:31 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-25 02:26 - 2013-12-25 02:30 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-25 02:26 - 2013-12-25 02:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-25 02:25 - 2013-12-25 02:31 - 00000000 ____D C:\Users\Thomas\Desktop\mbar
2013-12-25 02:25 - 2013-12-25 02:30 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-25 02:25 - 2013-12-25 02:25 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1008.exe
2013-12-25 01:17 - 2013-12-25 01:17 - 00011300 _____ C:\spyhunter.fix
2013-12-25 01:17 - 2010-08-05 17:01 - 00014680 _____ C:\Windows\system32\sh4native.exe
2013-12-25 01:16 - 2013-12-25 01:16 - 00000000 ____D C:\Users\Thomas\Desktop\Neuer Ordner
2013-12-25 00:35 - 2013-12-25 01:16 - 00002191 _____ C:\Users\Thomas\Desktop\SpyHunter.lnk
2013-12-25 00:35 - 2013-12-25 01:16 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-12-25 00:35 - 2013-12-25 00:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Thomas\Downloads\SpyHunter-Installer(2).exe
2013-12-25 00:19 - 2013-12-25 00:19 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Thomas\Downloads\SpyHunter-Installer(1).exe
2013-12-25 00:03 - 2013-12-25 00:03 - 00002238 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-12-25 00:03 - 2013-12-25 00:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\WinZip
2013-12-25 00:02 - 2013-12-25 00:03 - 00000000 ____D C:\ProgramData\WinZip
2013-12-25 00:02 - 2013-12-25 00:03 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-12-25 00:02 - 2013-12-25 00:02 - 43543552 _____ C:\Users\Thomas\Downloads\wz180gev-32.msi
2013-12-25 00:01 - 2013-12-25 00:01 - 14959168 _____ C:\Users\Thomas\Downloads\SpyHunter 4.1.11.0 + Crack.rar
2013-12-24 23:33 - 2013-12-24 23:33 - 00003332 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-12-24 23:33 - 2013-12-24 23:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-24 23:33 - 2013-12-24 23:33 - 00000000 _____ C:\autoexec.bat
2013-12-24 23:32 - 2013-12-25 00:35 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2013-12-24 23:32 - 2013-12-24 23:32 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Thomas\Downloads\SpyHunter-Installer.exe
2013-12-24 23:25 - 2013-12-24 23:25 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Avira
2013-12-24 23:25 - 2013-12-24 23:25 - 00000000 ____D C:\ProgramData\APN
2013-12-24 23:24 - 2013-12-24 23:24 - 00002073 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-24 23:24 - 2013-12-24 23:24 - 00000000 ____D C:\ProgramData\Avira
2013-12-24 23:24 - 2013-12-24 23:24 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-24 23:24 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-24 23:24 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-24 23:24 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-24 23:24 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-24 23:22 - 2013-11-19 11:21 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-12-24 23:17 - 2013-12-24 23:17 - 129598176 _____ C:\Users\Thomas\Downloads\avira_free_antivirus_de_14.0.2.286.exe
2013-12-23 16:21 - 2013-12-25 13:47 - 00000000 ____D C:\Users\Thomas\AppData\Local\LogMeIn Hamachi
2013-12-23 16:21 - 2013-12-23 16:21 - 00000933 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-12-23 16:21 - 2013-12-23 16:21 - 00000000 ____D C:\Users\Thomas\AppData\Local\LogMeIn
2013-12-23 16:21 - 2013-12-23 16:21 - 00000000 ____D C:\ProgramData\LogMeIn
2013-12-23 16:21 - 2013-12-23 16:21 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-23 16:20 - 2013-12-23 16:20 - 00000404 _____ C:\Windows\Tasks\Re-markit Update.job
2013-12-23 16:20 - 2013-12-23 16:20 - 00000000 ____D C:\Users\Thomas\Documents\Optimizer Pro
2013-12-23 16:20 - 2013-12-23 16:20 - 00000000 ____D C:\Program Files (x86)\Re-markit
2013-12-23 16:19 - 2013-12-23 16:19 - 00470864 _____ C:\Users\Thomas\Downloads\hamachi.exe
2013-12-22 22:20 - 2013-12-25 01:18 - 00000000 ____D C:\Users\Thomas\AppData\Local\CrashDumps
2013-12-22 20:54 - 2013-12-22 20:54 - 00000220 _____ C:\Users\Thomas\Desktop\Garry's Mod.url
2013-12-20 22:17 - 2013-12-20 22:30 - 00000000 ____D C:\Users\Thomas\Documents\GTA San Andreas User Files
2013-12-20 22:06 - 2013-12-20 22:06 - 00000557 _____ C:\Users\Public\Desktop\GTA San Andreas.lnk
2013-12-20 13:20 - 2013-12-20 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-18 17:03 - 2013-12-18 17:04 - 00000000 ____D C:\Users\Thomas\Desktop\Film the Ghosts 3
2013-12-18 16:51 - 2013-12-18 16:54 - 00000000 ____D C:\Users\Thomas\Desktop\Film the Ghosts 2
2013-12-18 16:12 - 2013-12-18 16:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-18 11:58 - 2013-12-18 11:58 - 00575168 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\Setup.X86.de-DE_O365HomePremRetail_3d175c15-87d4-4001-92e3-222ff85e7a2c_TX_DB_.exe
2013-12-13 23:13 - 2013-12-13 23:13 - 00353496 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 11:24 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 11:24 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 11:24 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 11:24 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-12 11:24 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 11:24 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 11:24 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 11:24 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 11:24 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 11:24 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 11:24 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-12 11:24 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 11:24 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 11:24 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 11:24 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 11:24 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 11:24 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 11:24 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-12 11:24 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-12 11:24 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 11:24 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 11:24 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 11:23 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 11:23 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 11:23 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 11:23 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 11:23 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 11:23 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-12 11:23 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 11:23 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 11:23 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 11:23 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-12 11:23 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 11:23 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-12 11:23 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-12-12 11:23 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-12-12 11:23 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-12-12 11:23 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-12-12 11:23 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-12-12 11:23 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-12 11:23 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-12 11:23 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-12-12 11:23 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-12 11:23 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-12-12 11:23 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-12-12 11:23 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-12-12 11:23 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-12 11:23 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-12 11:23 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-12-12 11:23 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-12-12 11:23 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-12-12 11:23 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-12 11:23 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-12-12 11:23 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-12-12 11:23 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-12-12 11:23 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-12-11 16:49 - 2013-12-11 16:55 - 00000000 ____D C:\Users\Thomas\Desktop\Untitled
2013-12-10 00:27 - 2013-12-10 00:28 - 00004608 _____ C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-10 00:26 - 2013-12-10 00:26 - 00000000 ____D C:\Users\Thomas\AppData\Local\TechSmith
2013-12-10 00:24 - 2013-12-18 16:34 - 00000000 ____D C:\Users\Thomas\Documents\Camtasia Studio
2013-12-10 00:24 - 2013-12-10 00:24 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TechSmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00001175 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-10 00:21 - 2013-12-10 00:22 - 255470952 _____ C:\Users\Thomas\Downloads\camtasia(2).exe
2013-12-09 23:38 - 2013-12-13 11:15 - 00000000 ____D C:\Fraps
2013-12-09 23:38 - 2013-12-09 23:38 - 00000569 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-12-09 23:37 - 2013-12-09 23:37 - 02782320 _____ (Beepa Pty Ltd) C:\Users\Thomas\Downloads\fraps_3.5.99_build_15618.exe
2013-12-09 16:12 - 2013-12-09 16:12 - 00000000 ____D C:\Users\Thomas\AppData\Local\Skyrim
2013-12-07 23:38 - 2013-12-07 23:38 - 00000000 ____D C:\Users\Thomas\Documents\a61b2b_50042290c449d-1
2013-12-05 22:24 - 2013-12-05 22:24 - 00000000 ____D C:\Users\Thomas\Documents\Games for Windows - LIVE Demos
2013-12-05 22:23 - 2013-12-05 22:23 - 00642712 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\gfwlive35setup.exe
2013-12-05 22:23 - 2013-12-05 22:23 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-12-05 22:23 - 2013-12-05 22:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-12-05 21:44 - 2013-12-05 21:44 - 00000221 _____ C:\Users\Thomas\Desktop\Dead Rising 2.url
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Thomas\Documents\RPGVXAce
2013-12-03 08:17 - 2013-12-03 08:17 - 00000000 ____D C:\Users\Thomas\AppData\Local\NVIDIA Corporation
2013-12-03 08:16 - 2013-10-30 18:03 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-12-03 08:16 - 2013-10-30 18:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-01 19:46 - 2013-12-01 19:46 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Ubisoft
2013-12-01 19:46 - 2013-12-01 19:46 - 00000000 ____D C:\ProgramData\Ubisoft
2013-11-29 17:19 - 2013-11-29 17:19 - 00000563 _____ C:\Windows\wmsetup.log
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Users\Thomas\Documents\DeadIsland
2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2013-11-29 14:28 - 2013-11-29 14:28 - 00000221 _____ C:\Users\Thomas\Desktop\Assassin's Creed.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000221 _____ C:\Users\Thomas\Desktop\Assassin's Creed II.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000220 _____ C:\Users\Thomas\Desktop\BioShock Infinite.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000219 _____ C:\Users\Thomas\Desktop\Left 4 Dead 2.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000200 _____ C:\Users\Thomas\Desktop\Left 4 Dead 2 Beta.url
2013-11-28 21:28 - 2013-11-28 21:28 - 00000221 _____ C:\Users\Thomas\Desktop\Dead Island.url
2013-11-28 17:28 - 2013-12-03 08:20 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\NVIDIA
==================== One Month Modified Files and Folders =======
2013-12-25 13:54 - 2013-12-25 13:54 - 00015654 _____ C:\Users\Thomas\Downloads\FRST.txt
2013-12-25 13:53 - 2013-12-25 13:53 - 00000000 ____D C:\FRST
2013-12-25 13:52 - 2013-11-11 16:00 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1024078695-4070549636-15272355-1001
2013-12-25 13:50 - 2013-12-25 13:50 - 01928636 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2013-12-25 13:49 - 2013-08-07 15:14 - 01282182 _____ C:\Windows\WindowsUpdate.log
2013-12-25 13:49 - 2013-04-25 15:30 - 00438002 _____ C:\Windows\system32\prfh0404.dat
2013-12-25 13:49 - 2013-04-25 15:30 - 00132890 _____ C:\Windows\system32\prfc0404.dat
2013-12-25 13:49 - 2013-04-25 15:23 - 00423682 _____ C:\Windows\system32\prfh0804.dat
2013-12-25 13:49 - 2013-04-25 15:23 - 00132890 _____ C:\Windows\system32\prfc0804.dat
2013-12-25 13:49 - 2013-04-25 15:17 - 00777534 _____ C:\Windows\system32\prfh0816.dat
2013-12-25 13:49 - 2013-04-25 15:17 - 00160312 _____ C:\Windows\system32\prfc0816.dat
2013-12-25 13:49 - 2013-04-25 15:12 - 00786390 _____ C:\Windows\system32\perfh013.dat
2013-12-25 13:49 - 2013-04-25 15:12 - 00158924 _____ C:\Windows\system32\perfc013.dat
2013-12-25 13:49 - 2013-04-25 15:05 - 00781816 _____ C:\Windows\system32\perfh010.dat
2013-12-25 13:49 - 2013-04-25 15:05 - 00152946 _____ C:\Windows\system32\perfc010.dat
2013-12-25 13:49 - 2013-04-25 14:59 - 00790862 _____ C:\Windows\system32\perfh00C.dat
2013-12-25 13:49 - 2013-04-25 14:59 - 00155422 _____ C:\Windows\system32\perfc00C.dat
2013-12-25 13:49 - 2013-04-25 14:52 - 00788786 _____ C:\Windows\system32\perfh00A.dat
2013-12-25 13:49 - 2013-04-25 14:52 - 00162692 _____ C:\Windows\system32\perfc00A.dat
2013-12-25 13:49 - 2013-04-25 14:42 - 00542632 _____ C:\Windows\system32\perfh008.dat
2013-12-25 13:49 - 2013-04-25 14:42 - 00089196 _____ C:\Windows\system32\perfc008.dat
2013-12-25 13:49 - 2013-04-25 14:36 - 00752930 _____ C:\Windows\system32\perfh007.dat
2013-12-25 13:49 - 2013-04-25 14:36 - 00156156 _____ C:\Windows\system32\perfc007.dat
2013-12-25 13:49 - 2012-07-26 08:28 - 08223984 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 13:48 - 2013-11-16 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2013-12-25 13:47 - 2013-12-23 16:21 - 00000000 ____D C:\Users\Thomas\AppData\Local\LogMeIn Hamachi
2013-12-25 13:47 - 2013-11-11 16:23 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-25 13:47 - 2013-11-11 16:22 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-25 13:45 - 2013-08-07 15:26 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-25 13:45 - 2013-06-21 12:10 - 00114846 _____ C:\Windows\PFRO.log
2013-12-25 13:45 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 02:43 - 2013-12-25 02:43 - 00000052 _____ C:\Users\Thomas\Desktop\güeni wörter.txt
2013-12-25 02:31 - 2013-12-25 02:26 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-25 02:31 - 2013-12-25 02:25 - 00000000 ____D C:\Users\Thomas\Desktop\mbar
2013-12-25 02:30 - 2013-12-25 02:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-25 02:30 - 2013-12-25 02:25 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-25 02:30 - 2013-11-11 16:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-25 02:26 - 2013-12-25 02:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-25 02:25 - 2013-12-25 02:25 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1008.exe
2013-12-25 02:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-12-25 01:18 - 2013-12-22 22:20 - 00000000 ____D C:\Users\Thomas\AppData\Local\CrashDumps
2013-12-25 01:17 - 2013-12-25 01:17 - 00011300 _____ C:\spyhunter.fix
2013-12-25 01:16 - 2013-12-25 01:16 - 00000000 ____D C:\Users\Thomas\Desktop\Neuer Ordner
2013-12-25 01:16 - 2013-12-25 00:35 - 00002191 _____ C:\Users\Thomas\Desktop\SpyHunter.lnk
2013-12-25 01:16 - 2013-12-25 00:35 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-12-25 00:41 - 2013-11-11 16:11 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-25 00:41 - 2013-11-11 15:54 - 00001445 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 00:35 - 2013-12-25 00:35 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Thomas\Downloads\SpyHunter-Installer(2).exe
2013-12-25 00:35 - 2013-12-24 23:32 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2013-12-25 00:19 - 2013-12-25 00:19 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Thomas\Downloads\SpyHunter-Installer(1).exe
2013-12-25 00:03 - 2013-12-25 00:03 - 00002238 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-12-25 00:03 - 2013-12-25 00:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\WinZip
2013-12-25 00:03 - 2013-12-25 00:02 - 00000000 ____D C:\ProgramData\WinZip
2013-12-25 00:03 - 2013-12-25 00:02 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-12-25 00:03 - 2013-11-11 15:52 - 00000000 ____D C:\Users\Thomas
2013-12-25 00:02 - 2013-12-25 00:02 - 43543552 _____ C:\Users\Thomas\Downloads\wz180gev-32.msi
2013-12-25 00:01 - 2013-12-25 00:01 - 14959168 _____ C:\Users\Thomas\Downloads\SpyHunter 4.1.11.0 + Crack.rar
2013-12-24 23:33 - 2013-12-24 23:33 - 00003332 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-12-24 23:33 - 2013-12-24 23:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-24 23:33 - 2013-12-24 23:33 - 00000000 _____ C:\autoexec.bat
2013-12-24 23:32 - 2013-12-24 23:32 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Thomas\Downloads\SpyHunter-Installer.exe
2013-12-24 23:25 - 2013-12-24 23:25 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Avira
2013-12-24 23:25 - 2013-12-24 23:25 - 00000000 ____D C:\ProgramData\APN
2013-12-24 23:24 - 2013-12-24 23:24 - 00002073 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-24 23:24 - 2013-12-24 23:24 - 00000000 ____D C:\ProgramData\Avira
2013-12-24 23:24 - 2013-12-24 23:24 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-24 23:23 - 2013-06-21 13:36 - 00000000 ____D C:\ProgramData\McAfee
2013-12-24 23:22 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-12-24 23:17 - 2013-12-24 23:17 - 129598176 _____ C:\Users\Thomas\Downloads\avira_free_antivirus_de_14.0.2.286.exe
2013-12-24 12:14 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-12-23 16:21 - 2013-12-23 16:21 - 00000933 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-12-23 16:21 - 2013-12-23 16:21 - 00000000 ____D C:\Users\Thomas\AppData\Local\LogMeIn
2013-12-23 16:21 - 2013-12-23 16:21 - 00000000 ____D C:\ProgramData\LogMeIn
2013-12-23 16:21 - 2013-12-23 16:21 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-23 16:20 - 2013-12-23 16:20 - 00000404 _____ C:\Windows\Tasks\Re-markit Update.job
2013-12-23 16:20 - 2013-12-23 16:20 - 00000000 ____D C:\Users\Thomas\Documents\Optimizer Pro
2013-12-23 16:20 - 2013-12-23 16:20 - 00000000 ____D C:\Program Files (x86)\Re-markit
2013-12-23 16:19 - 2013-12-23 16:19 - 00470864 _____ C:\Users\Thomas\Downloads\hamachi.exe
2013-12-22 20:54 - 2013-12-22 20:54 - 00000220 _____ C:\Users\Thomas\Desktop\Garry's Mod.url
2013-12-22 11:15 - 2013-11-11 15:54 - 00000000 ___RD C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-21 00:56 - 2013-11-11 16:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 22:30 - 2013-12-20 22:17 - 00000000 ____D C:\Users\Thomas\Documents\GTA San Andreas User Files
2013-12-20 22:06 - 2013-12-20 22:06 - 00000557 _____ C:\Users\Public\Desktop\GTA San Andreas.lnk
2013-12-20 22:06 - 2013-06-21 13:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-20 13:20 - 2013-12-20 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-18 17:04 - 2013-12-18 17:03 - 00000000 ____D C:\Users\Thomas\Desktop\Film the Ghosts 3
2013-12-18 16:54 - 2013-12-18 16:51 - 00000000 ____D C:\Users\Thomas\Desktop\Film the Ghosts 2
2013-12-18 16:34 - 2013-12-10 00:24 - 00000000 ____D C:\Users\Thomas\Documents\Camtasia Studio
2013-12-18 16:12 - 2013-12-18 16:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-18 16:12 - 2012-07-26 08:21 - 00018298 _____ C:\Windows\setupact.log
2013-12-18 12:47 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-18 11:58 - 2013-12-18 11:58 - 00575168 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\Setup.X86.de-DE_O365HomePremRetail_3d175c15-87d4-4001-92e3-222ff85e7a2c_TX_DB_.exe
2013-12-17 12:24 - 2013-11-16 21:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-17 12:24 - 2013-11-16 21:53 - 00000000 ____D C:\ProgramData\Skype
2013-12-16 10:51 - 2013-11-14 14:06 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-16 10:51 - 2013-11-14 14:06 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 23:13 - 2013-12-13 23:13 - 00353496 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 17:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-13 17:44 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-13 11:15 - 2013-12-09 23:38 - 00000000 ____D C:\Fraps
2013-12-12 11:53 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-12 11:52 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-12-12 11:52 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\en-GB
2013-12-11 16:55 - 2013-12-11 16:49 - 00000000 ____D C:\Users\Thomas\Desktop\Untitled
2013-12-10 19:30 - 2013-11-11 16:20 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 13:33 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2013-12-10 12:13 - 2013-11-14 18:01 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-12-10 00:28 - 2013-12-10 00:27 - 00004608 _____ C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-10 00:26 - 2013-12-10 00:26 - 00000000 ____D C:\Users\Thomas\AppData\Local\TechSmith
2013-12-10 00:24 - 2013-12-10 00:24 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TechSmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00001175 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-10 00:23 - 2013-12-10 00:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-10 00:22 - 2013-12-10 00:21 - 255470952 _____ C:\Users\Thomas\Downloads\camtasia(2).exe
2013-12-09 23:38 - 2013-12-09 23:38 - 00000569 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-12-09 23:37 - 2013-12-09 23:37 - 02782320 _____ (Beepa Pty Ltd) C:\Users\Thomas\Downloads\fraps_3.5.99_build_15618.exe
2013-12-09 16:12 - 2013-12-09 16:12 - 00000000 ____D C:\Users\Thomas\AppData\Local\Skyrim
2013-12-09 16:12 - 2013-06-21 13:46 - 00376634 _____ C:\Windows\DirectX.log
2013-12-09 11:37 - 2013-12-24 23:24 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-09 11:37 - 2013-12-24 23:24 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-09 11:37 - 2013-12-24 23:24 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-09 11:37 - 2013-12-24 23:24 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-07 23:38 - 2013-12-07 23:38 - 00000000 ____D C:\Users\Thomas\Documents\a61b2b_50042290c449d-1
2013-12-05 22:27 - 2013-11-12 16:49 - 00000000 ____D C:\Users\Thomas\Documents\my games
2013-12-05 22:24 - 2013-12-05 22:24 - 00000000 ____D C:\Users\Thomas\Documents\Games for Windows - LIVE Demos
2013-12-05 22:23 - 2013-12-05 22:23 - 00642712 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\gfwlive35setup.exe
2013-12-05 22:23 - 2013-12-05 22:23 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-12-05 22:23 - 2013-12-05 22:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-12-05 21:44 - 2013-12-05 21:44 - 00000221 _____ C:\Users\Thomas\Desktop\Dead Rising 2.url
2013-12-04 10:53 - 2013-11-16 21:57 - 00030720 ___SH C:\Users\Thomas\Downloads\Thumbs.db
2013-12-04 01:53 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:53 - 2012-07-26 09:14 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Thomas\Documents\RPGVXAce
2013-12-03 08:20 - 2013-11-28 17:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\NVIDIA
2013-12-03 08:17 - 2013-12-03 08:17 - 00000000 ____D C:\Users\Thomas\AppData\Local\NVIDIA Corporation
2013-12-03 08:17 - 2013-11-12 12:35 - 00000000 ____D C:\Users\Thomas\AppData\Local\NVIDIA
2013-12-03 08:17 - 2013-08-07 15:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-03 08:16 - 2013-08-07 15:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-03 08:16 - 2013-08-07 15:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-01 19:46 - 2013-12-01 19:46 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Ubisoft
2013-12-01 19:46 - 2013-12-01 19:46 - 00000000 ____D C:\ProgramData\Ubisoft
2013-11-29 17:56 - 2013-11-12 12:33 - 01096480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-11-29 17:56 - 2013-11-12 12:33 - 00979744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-11-29 17:19 - 2013-11-29 17:19 - 00000563 _____ C:\Windows\wmsetup.log
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Users\Thomas\Documents\DeadIsland
2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2013-11-29 14:28 - 2013-11-29 14:28 - 00000221 _____ C:\Users\Thomas\Desktop\Assassin's Creed.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000221 _____ C:\Users\Thomas\Desktop\Assassin's Creed II.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000220 _____ C:\Users\Thomas\Desktop\BioShock Infinite.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000219 _____ C:\Users\Thomas\Desktop\Left 4 Dead 2.url
2013-11-29 14:28 - 2013-11-29 14:28 - 00000200 _____ C:\Users\Thomas\Desktop\Left 4 Dead 2 Beta.url
2013-11-28 21:28 - 2013-11-28 21:28 - 00000221 _____ C:\Users\Thomas\Desktop\Dead Island.url
Some content of TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\avgnt.exe
C:\Users\Thomas\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Thomas\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-18 12:04
==================== End Of Log ============================
--- --- ---
und hier ist der Addition LOG:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2013 01
Ran by Bluep4x at 2013-12-25 13:54:49
Running from C:\Users\Thomas\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.3) MUI (x32 Version: 10.1.3)
AI Suite II (x32 Version: 2.01.05)
Alcor Micro USB Card Reader Driver (x32 Version: 20.1.6362.11129)
Assassin's Creed (x32)
Assassin's Creed II (x32)
ASUS Ai Charger (x32 Version: 1.03.00)
ASUS Easy Update 2 (x32 Version: 3.00.06)
ASUS Music Maker (Version: 18.0.3.3)
ASUS Music Maker (x32 Version: 18.0.3.3)
ASUS MX Suite (Version: 1.13.0.121)
ASUS MX Suite (x32 Version: 1.13.0.121)
ASUS Video easy (Version: 3.0.1.42)
ASUS Video easy (x32 Version: 3.0.1.42)
ASUS WebStorage Sync Agent (x32 Version: 1.1.18.159)
ASUSDVD (x32 Version: 10.0.4127.52)
AsusVibe2.0 (x32 Version: 2.0.12.309)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Battlefield 4™ (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.3.0)
Bing Bar (x32 Version: 7.2.241.0)
BioShock Infinite (x32)
Call of Duty: Black Ops - Multiplayer (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Ghosts - Multiplayer (x32)
Call of Duty: Ghosts (x32)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Camtasia Studio 8 (x32 Version: 8.2.0.1416)
D3DX10 (x32 Version: 15.4.2368.0902)
Dead Island (x32)
Dead Rising 2 (x32 Version: 1.0.0002.130)
Dead Rising 2 (x32)
DMUninstaller (x32)
eManual (x32 Version: 1.00.06)
ESN Sonar (x32 Version: 0.70.4)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fraps (remove only) (x32)
Galeria de Fotografias (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
Garry's Mod (x32)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Grand Theft Auto San Andreas (x32 Version: 1.00.00001)
Intel(R) Control Center (x32 Version: 1.2.1.1010)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Left 4 Dead 2 (x32)
Left 4 Dead 2 Beta (x32)
LogMeIn Hamachi (x32 Version: 2.2.0.109)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.67.0)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA GeForce Experience 1.8 (Version: 1.8)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.142.992)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 10.10.5 (Version: 10.10.5)
NVIDIA Update Core (Version: 10.10.5)
NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12)
Origin (x32 Version: 9.3.10.4710)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
PunkBuster Services (x32 Version: 0.993)
Raccolta foto (x32 Version: 16.4.3505.0912)
Ralink RT2860 Wireless LAN Card (x32 Version: 1.2.0.40)
Realtek Ethernet Controller Driver (x32 Version: 8.10.1226.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6865)
Re-markit (x32)
RPG Maker VX Ace (x32)
Shared C Run-time for x64 (Version: 10.0.0)
SHIELD Streaming (Version: 1.6.75)
Skype™ 6.11 (x32 Version: 6.11.102)
SpyHunter (Version: 4.16.5.4290)
Steam (x32 Version: 1.0.0.0)
The Elder Scrolls V: Skyrim (x32)
Why ASUS PC (x32 Version: 1.00.02)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live 程式集 (x32 Version: 16.4.3505.0912)
Windows Live 软件包 (x32 Version: 16.4.3505.0912)
WinZip 18.0 (x32 Version: 18.0.10661)
World of Warcraft (x32)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912)
影像中心 (x32 Version: 16.4.3505.0912)
照片库 (x32 Version: 16.4.3505.0912)
==================== Restore Points =========================
20-12-2013 21:06:49 Installiert Grand Theft Auto San Andreas
23-12-2013 15:21:02 Installed LogMeIn Hamachi
24-12-2013 22:32:58 Installed SpyHunter
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {06448F1E-D61D-4E5E-B0B0-66875AEFA57D} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
Task: {11B04769-CDB3-440E-8C86-F70FCFF83F35} - System32\Tasks\ASUS\ASUS Lighting Execute => C:\Program Files (x86)\ASUS\AI Suite II\Lighting\Lighting.exe [2013-04-13] (ASUSTeK)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BCFFCC1-0A1B-4537-9C2F-06F8EEDF77D2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {48B4C33F-76AE-4099-AB9D-F3319C343837} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CAAE8628-2441-472E-B764-E4450EBB1AE1} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-02] (ASUSTeK Computer Inc.)
Task: {D0EAFB79-42F2-49F2-88A0-9BCA0F04D798} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [2013-10-18] (Enigma Software Group USA, LLC.)
Task: {E8DA55DF-6816-49F8-84E7-BEA7984C08EA} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F76E7C05-2734-4728-9468-37ACFE1A33E8} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-06-21 13:04 - 2013-01-02 07:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-07-25 21:44 - 2012-07-25 21:35 - 00129024 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-12-24 23:24 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-06-21 13:32 - 2013-12-25 13:45 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-06-21 13:32 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-06-21 13:29 - 2012-11-23 01:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll
2013-10-24 09:45 - 2013-11-06 22:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-10-30 11:25 - 2013-12-11 20:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-10-23 12:07 - 2013-11-06 22:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-11-11 16:23 - 2013-11-21 02:03 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll
2013-08-07 15:12 - 2013-02-16 01:17 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-12-20 13:20 - 2013-12-20 13:20 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-14 17:30 - 2012-02-01 16:15 - 01042432 _____ () C:\Users\Thomas\AppData\Local\Microsoft\BingBar\Apps\Translator_f5cbd3ef4c144434b17913278004e270\7.2.230\Blingext.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/25/2013 01:20:07 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox
Error: (12/25/2013 01:19:21 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox
Error: (12/25/2013 01:18:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16680, Zeitstempel: 0x51fb45f3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000fcb06
ID des fehlerhaften Prozesses: 0x5dc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5
Error: (12/25/2013 01:16:34 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g0
Error: (12/25/2013 01:14:43 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g0
Error: (12/25/2013 00:40:20 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SpyHunter4.exe, Version: 4.16.5.4290, Zeitstempel: 0x52614fd2
Name des fehlerhaften Moduls: ShScanner.dll, Version: 1.1.42.90, Zeitstempel: 0x52614f35
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000014e13
ID des fehlerhaften Prozesses: 0x1b04
Startzeit der fehlerhaften Anwendung: 0xSpyHunter4.exe0
Pfad der fehlerhaften Anwendung: SpyHunter4.exe1
Pfad des fehlerhaften Moduls: SpyHunter4.exe2
Berichtskennung: SpyHunter4.exe3
Vollständiger Name des fehlerhaften Pakets: SpyHunter4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SpyHunter4.exe5
Error: (12/25/2013 00:36:01 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5
Error: (12/25/2013 00:33:31 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5
Error: (12/25/2013 00:19:55 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5
Error: (12/25/2013 00:12:48 AM) (Source: MsiInstaller) (User: Bluep4x)
Description: Product: SpyHunter -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: , location: WiseCustomCall, command: g4
System errors:
=============
Error: (12/25/2013 01:17:58 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wpm Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/24/2013 11:22:12 PM) (Source: DCOM) (User: Bluep4x)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (12/24/2013 11:21:42 PM) (Source: DCOM) (User: Bluep4x)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (12/24/2013 06:33:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1243
Error: (12/24/2013 06:33:23 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 24.12.2013 um 18:09:08 unerwartet heruntergefahren.
Error: (12/24/2013 06:33:14 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT-AUTORITÄT)
Description: 32212256841162480
Error: (12/24/2013 00:14:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/24/2013 00:14:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.
Error: (12/24/2013 00:14:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1243
Error: (12/24/2013 00:14:12 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 24.12.2013 um 01:02:35 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (12/25/2013 01:20:07 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/25/2013 01:19:21 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/25/2013 01:18:15 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.1668051fb45f3c000000500000000000fcb065dc01cf0106c6d1e725C:\Windows\Explorer.EXEC:\Windows\System3 2\twinui.dll0bcbad4a-6cfa-11e3-bec5-74d02b9974f1
Error: (12/25/2013 01:16:34 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g0 (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/25/2013 01:14:43 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g0 (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/25/2013 00:40:20 AM) (Source: Application Error)(User: )
Description: SpyHunter4.exe4.16.5.429052614fd2ShScanner.dll1.1.42.9052614f35c00000050000000000014e131b0401cf00f823d94a51C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exeC:\Program Files\Enigma Software Group\SpyHunter\ShScanner.dllbfdfeb12-6cf4-11e3-bec4-74d02b9974f1
Error: (12/25/2013 00:36:01 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5 (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/25/2013 00:33:31 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5 (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/25/2013 00:19:55 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5 (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/25/2013 00:12:48 AM) (Source: MsiInstaller)(User: Bluep4x)
Description: Product: SpyHunter -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: , location: WiseCustomCall, command: g4 (NULL)(NULL)(NULL)(NULL)(NULL)
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 16292.21 MB
Available physical RAM: 12844.23 MB
Total Pagefile: 18596.21 MB
Available Pagefile: 15218.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:217.96 GB) (Free:10.55 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1684.56 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1862.66 GB) NTFS
Drive f: (SA_GER_V201B) (CDROM) (Total:4.05 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 238 GB) (Disk ID: 7BB04720)
Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
==================== End Of Log ============================
Danke für die Hilfe
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
