LikeaBOSS | 11.05.2014 21:59 | Thanks for the quick reply
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014
Ran by Flo (administrator) on FLO-PC on 11-05-2014 11:21:54
Running from C:\Users\Flo\downloads
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
(BUP) C:\Users\Flo\AppData\Roaming\BupSystem\bup.exe
() C:\Program Files\Dokan\DokanLibrary\mounter.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Users\Flo\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Razer Inc.) C:\Program Files\Razer\Synapse\RzSynapse.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files\puush\puush.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Flo\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Akamai Technologies, Inc.) C:\Users\Flo\AppData\Local\Akamai\netsession_win.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [BCU] => C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [411864 2010-03-05] (DeviceVM, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184 2011-01-12] (ESET)
HKLM\...\Run: [Ocs_SM] => C:\Users\Flo\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-04-17] (OCS)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Razer Synapse] => C:\Program Files\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.)
HKLM\...\Run: [4StoryPrePatch] => C:\Program Files\GameforgeLive\Games\DEU_deu\4Story\PrePatch.exe
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKU\S-1-5-21-487487431-3654296458-3124388536-1000\...\Run: [puush] => C:\Program Files\puush\puush.exe [567880 2013-07-14] ()
HKU\S-1-5-21-487487431-3654296458-3124388536-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flo\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-487487431-3654296458-3124388536-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-487487431-3654296458-3124388536-1000\...\MountPoints2: {5ade5301-2023-11e2-b131-b9180fdef40e} - E:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC47FC954C219CF01
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll ()
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C57B1502-964E-4590-8F7E-1D85286F8DB2}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C57B1502-964E-4590-8F7E-1D85286F8DB2}
SearchScopes: HKCU - DefaultScope {40993C37-915F-4f55-B1DD-DE01F5059A7F} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=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&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&k=0
SearchScopes: HKCU - {28A88DA5-02AA-4BB1-9E80-AAC3E5022D0F} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2E759618-6D37-4951-BA80-F362534C4CA4} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {40993C37-915F-4f55-B1DD-DE01F5059A7F} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=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&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&k=0
SearchScopes: HKCU - {534D23B2-6818-431D-BF91-74A9FE9148A4} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5F502FF9-0E39-4ed3-88AC-3D2B96838EEC} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2666723D6368722D646576696365766D26747970653D45474D42&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&k=0
SearchScopes: HKCU - {953E39CE-5202-402B-A2D4-D6352794D4CF} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {A6484BEF-A292-4291-8D75-7BA691D37B11} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {AA2F6EFB-10ED-4746-93F4-AFC27CD0DF1A} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E7377656574696D2E636F6D2F7365617263682E6173703F7372633D36266372673D332E313031303030302673743D313826713D7B7365617263685465726D737D2662617269643D7B43353742313530322D393634452D343539302D384637452D3144383532383646384442327D&st={searchTerms}&clid=60b152dd-3a4a-4e18-9a29-3956ca14e831&pid=freewarede&k=0
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default
FF user.js: detected! => C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\user.js
FF NewTab: hxxp://mystart.incredibar.com/mb155?a=6OyGrNTJ4g&loc=FF_NT
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.2: Google
FF SelectedSearchEngine: Yahoo
FF Homepage: www.Google.de
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=ytff-devicevm&type=EGMB&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @gamersfirst.com/LiveLauncher - C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\searchplugins\{754345EE-769C-4465-8A0B-5626932B65D2}.xml
FF SearchPlugin: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\searchplugins\{959E0D04-C29C-458A-8997-F4AB2E049CE9}.xml
FF SearchPlugin: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\searchplugins\{9E1855AC-5028-4809-BEF0-57D25B3920B2}.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FireJump - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\Extensions\firejump@firejump.net [2013-04-17]
FF Extension: Site Matcher - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\Extensions\sitematcher@sitematcher.com [2014-05-07]
FF Extension: Foxy Security - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\Extensions\sys@foxysecurity.com [2014-05-07]
FF Extension: Adblock Plus - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-10]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-08-25]
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\extensions\sparpilot@sparpilot.com
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\lkky777v.default\extensions\firejump@firejump.net [2013-04-17]
Chrome:
=======
CHR Extension: (Docs) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-28]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2014-04-28]
========================== Services (Whitelisted) =================
R2 BCUService; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [235752 2010-03-05] (DeviceVM, Inc.)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [49152 2013-08-18] ()
R2 bupService; C:\Users\Flo\AppData\Roaming\BupSystem\bup.exe [642048 2014-04-14] (BUP)
R2 DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2011-01-12] (ESET)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682256 2014-04-15] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-07-12] (Hi-Rez Studios)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-08] (LogMeIn, Inc.)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\\OverwolfUpdater.exe [16616 2011-11-20] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-07-25] ()
R2 SearchAnonymizer; C:\Users\Flo\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-04-17] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3048136 2012-07-05] (Skype Technologies S.A.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1742136 2013-12-18] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-03-03] ()
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [95744 2011-01-10] (Windows (R) Win 7 DDK provider)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95384 2010-12-21] (ESET)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-03-03] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-17] ()
R3 rzudd; C:\Windows\System32\DRIVERS\rzudd.sys [130088 2014-04-09] (Razer Inc)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [11632 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [14704 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [21872 2011-07-13] (SMART Technologies ULC)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software)
R2 UltraMonUtility; C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [17184 2012-08-24] (Realtime Soft Ltd)
S3 CEDRIVER60; \??\C:\Program Files\Cheat Engine 6.2\dbk32.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-11 11:21 - 2014-05-11 11:22 - 00021198 _____ () C:\Users\Flo\Downloads\FRST.txt
2014-05-11 11:21 - 2014-05-11 11:21 - 01055232 _____ (Farbar) C:\Users\Flo\Downloads\FRST.exe
2014-05-11 11:21 - 2014-05-11 11:21 - 00000000 ____D () C:\FRST
2014-05-10 23:47 - 2014-05-11 02:11 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-05-10 23:47 - 2014-05-10 23:47 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-10 22:46 - 2014-05-10 22:46 - 00000000 ____D () C:\ProgramData\Licenses
2014-05-10 22:41 - 2014-05-10 22:41 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-05-10 20:15 - 2014-05-10 20:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-10 17:49 - 2014-05-10 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-10 17:49 - 2014-05-10 19:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-10 16:11 - 2014-05-10 19:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-10 16:11 - 2014-05-10 16:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-07 15:07 - 2014-05-07 15:07 - 00000000 ____H () C:\Users\Flo\Documents\Default.rdp
2014-05-07 14:02 - 2014-05-10 19:07 - 00000000 ____D () C:\Program Files\SiteFinder
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 __SHD () C:\Users\Flo\AppData\Local\EmieUserList
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 __SHD () C:\Users\Flo\AppData\Local\EmieSiteList
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\SimilarSites
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Security Systems
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\BupSystem
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Program Files\SiteLookup
2014-05-07 13:59 - 2014-05-07 13:59 - 00386888 _____ () C:\Users\Flo\Downloads\SoftonicDownloader_for_visual-c.exe
2014-05-07 13:36 - 2014-05-07 13:47 - 00000000 ____D () C:\Users\Flo\Desktop\Schule
2014-05-07 13:32 - 2014-05-07 14:21 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Dev-Cpp
2014-05-07 13:32 - 2014-05-07 13:32 - 00000944 _____ () C:\Users\UpdatusUser\Desktop\Dev-C++.lnk
2014-05-07 13:32 - 2014-05-07 13:32 - 00000944 _____ () C:\Users\Flo\Desktop\Dev-C++.lnk
2014-05-07 13:32 - 2014-05-07 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2014-05-07 13:30 - 2014-05-07 13:30 - 00000000 ____D () C:\Program Files\Dev-Cpp
2014-05-07 13:26 - 2014-05-07 13:26 - 00629584 _____ (Chip Digital GmbH) C:\Users\Flo\Downloads\Orwell Dev C - CHIP-Downloader.exe
2014-05-06 12:00 - 2014-05-06 12:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 11:26 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 11:26 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-02 12:29 - 2014-05-02 12:31 - 00000000 ____D () C:\Users\Flo\Downloads\world
2014-05-02 12:29 - 2014-05-02 12:30 - 00000665 _____ () C:\Users\Flo\Downloads\server.properties
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\whitelist.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\usercache.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\ops.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\banned-players.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\banned-ips.json
2014-05-02 10:15 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 10:15 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-28 22:20 - 2014-04-28 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-28 22:20 - 2014-04-28 22:20 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-04-28 12:12 - 2014-05-11 11:15 - 00000000 ____D () C:\Users\Flo\AppData\Local\LogMeIn Hamachi
2014-04-28 12:10 - 2014-05-11 11:14 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 12:10 - 2014-05-11 02:29 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 12:07 - 2014-04-28 12:07 - 00613200 _____ (Chip Digital GmbH) C:\Users\Flo\Downloads\LogMeIn Hamachi - CHIP-Downloader.exe
2014-04-28 00:03 - 2014-04-28 00:03 - 00019968 ___SH () C:\Users\Flo\Downloads\Thumbs.db
2014-04-27 23:55 - 2014-04-27 23:55 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-04-20 22:02 - 2014-04-20 22:03 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\AbiSuite
2014-04-20 22:00 - 2014-05-07 14:29 - 00000000 ____D () C:\Program Files\AbiWord
2014-04-16 22:53 - 2014-04-16 23:53 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Teeworlds
==================== One Month Modified Files and Folders =======
2014-05-11 11:22 - 2014-05-11 11:21 - 00021198 _____ () C:\Users\Flo\Downloads\FRST.txt
2014-05-11 11:21 - 2014-05-11 11:21 - 01055232 _____ (Farbar) C:\Users\Flo\Downloads\FRST.exe
2014-05-11 11:21 - 2014-05-11 11:21 - 00000000 ____D () C:\FRST
2014-05-11 11:18 - 2011-08-25 23:45 - 01606385 _____ () C:\Windows\WindowsUpdate.log
2014-05-11 11:16 - 2012-01-15 21:50 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Skype
2014-05-11 11:15 - 2014-04-28 12:12 - 00000000 ____D () C:\Users\Flo\AppData\Local\LogMeIn Hamachi
2014-05-11 11:14 - 2014-04-28 12:10 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-11 11:14 - 2011-08-25 18:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-11 11:14 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-11 11:14 - 2009-07-14 06:39 - 00292305 _____ () C:\Windows\setupact.log
2014-05-11 03:20 - 2011-08-25 21:53 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\TS3Client
2014-05-11 03:01 - 2012-11-21 15:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-11 03:01 - 2009-07-14 06:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-11 03:01 - 2009-07-14 06:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-11 02:50 - 2013-12-13 16:35 - 00000000 ____D () C:\Users\Flo\AppData\Local\Battle.net
2014-05-11 02:29 - 2014-04-28 12:10 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-11 02:11 - 2014-05-10 23:47 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-05-11 01:03 - 2012-04-17 13:47 - 00000000 ____D () C:\Users\Flo\AppData\Local\PMB Files
2014-05-10 23:47 - 2014-05-10 23:47 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-10 23:47 - 2012-07-25 14:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-10 23:34 - 2012-05-03 13:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 23:34 - 2011-08-25 18:12 - 04377964 _____ () C:\Windows\PFRO.log
2014-05-10 22:46 - 2014-05-10 22:46 - 00000000 ____D () C:\ProgramData\Licenses
2014-05-10 22:41 - 2014-05-10 22:41 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-05-10 20:15 - 2014-05-10 20:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-10 19:08 - 2011-08-25 17:46 - 00000000 ____D () C:\Users\Flo
2014-05-10 19:07 - 2014-05-07 14:02 - 00000000 ____D () C:\Program Files\SiteFinder
2014-05-10 19:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-05-10 19:06 - 2014-05-10 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-10 19:06 - 2014-05-10 17:49 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-10 19:06 - 2014-05-10 16:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-10 19:06 - 2014-02-24 08:23 - 00000000 ____D () C:\Users\Flo\AppData\Local\Akamai
2014-05-10 19:06 - 2014-02-18 20:32 - 00000000 ____D () C:\Users\Flo\kk
2014-05-10 19:06 - 2013-12-13 16:35 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Battle.net
2014-05-10 19:06 - 2013-08-06 20:46 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\uTorrent
2014-05-10 19:06 - 2013-02-07 14:48 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\DealPly
2014-05-10 19:06 - 2012-12-20 23:51 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\puush
2014-05-10 19:06 - 2012-08-31 15:30 - 00000000 ____D () C:\Windows\system32\WNLT
2014-05-10 19:06 - 2012-08-31 15:30 - 00000000 ____D () C:\Windows\system32\ARFC
2014-05-10 19:06 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-05-10 19:05 - 2011-08-25 17:58 - 00000000 ____D () C:\ProgramData\DeviceVm
2014-05-10 18:02 - 2011-08-26 11:35 - 00000000 ____D () C:\Users\Flo\AppData\Local\CrashDumps
2014-05-10 18:02 - 2011-08-26 00:42 - 00000000 ____D () C:\Windows\Panther
2014-05-10 17:35 - 2013-08-06 20:53 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Iminent
2014-05-10 16:11 - 2014-05-10 16:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-08 21:33 - 2014-01-26 01:19 - 00000000 ____D () C:\Program Files\Hearthstone
2014-05-08 17:55 - 2012-04-17 13:47 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-08 13:06 - 2011-08-25 17:53 - 01651094 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 00:41 - 2012-12-20 23:57 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\.minecraft
2014-05-07 15:07 - 2014-05-07 15:07 - 00000000 ____H () C:\Users\Flo\Documents\Default.rdp
2014-05-07 14:33 - 2011-08-25 20:09 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\DVDVideoSoft
2014-05-07 14:32 - 2012-12-04 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-05-07 14:31 - 2011-08-25 17:55 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-07 14:30 - 2012-03-14 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-05-07 14:30 - 2012-03-14 21:43 - 00000000 ____D () C:\Nexon
2014-05-07 14:29 - 2014-04-20 22:00 - 00000000 ____D () C:\Program Files\AbiWord
2014-05-07 14:29 - 2012-12-04 16:23 - 00000000 ____D () C:\Program Files\GameforgeLive
2014-05-07 14:21 - 2014-05-07 13:32 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Dev-Cpp
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 __SHD () C:\Users\Flo\AppData\Local\EmieUserList
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 __SHD () C:\Users\Flo\AppData\Local\EmieSiteList
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\SimilarSites
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Security Systems
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\BupSystem
2014-05-07 14:02 - 2014-05-07 14:02 - 00000000 ____D () C:\Program Files\SiteLookup
2014-05-07 13:59 - 2014-05-07 13:59 - 00386888 _____ () C:\Users\Flo\Downloads\SoftonicDownloader_for_visual-c.exe
2014-05-07 13:59 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-05-07 13:47 - 2014-05-07 13:36 - 00000000 ____D () C:\Users\Flo\Desktop\Schule
2014-05-07 13:32 - 2014-05-07 13:32 - 00000944 _____ () C:\Users\UpdatusUser\Desktop\Dev-C++.lnk
2014-05-07 13:32 - 2014-05-07 13:32 - 00000944 _____ () C:\Users\Flo\Desktop\Dev-C++.lnk
2014-05-07 13:32 - 2014-05-07 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2014-05-07 13:30 - 2014-05-07 13:30 - 00000000 ____D () C:\Program Files\Dev-Cpp
2014-05-07 13:26 - 2014-05-07 13:26 - 00629584 _____ (Chip Digital GmbH) C:\Users\Flo\Downloads\Orwell Dev C - CHIP-Downloader.exe
2014-05-06 12:00 - 2014-05-06 12:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-02 23:08 - 2013-12-13 16:35 - 00000000 ____D () C:\Program Files\Battle.net
2014-05-02 22:54 - 2011-09-13 17:43 - 00212642 _____ () C:\Windows\DPINST.LOG
2014-05-02 12:31 - 2014-05-02 12:29 - 00000000 ____D () C:\Users\Flo\Downloads\world
2014-05-02 12:30 - 2014-05-02 12:29 - 00000665 _____ () C:\Users\Flo\Downloads\server.properties
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\whitelist.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\usercache.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\ops.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\banned-players.json
2014-05-02 12:29 - 2014-05-02 12:29 - 00000002 _____ () C:\Users\Flo\Downloads\banned-ips.json
2014-04-29 18:02 - 2012-11-21 15:47 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 18:02 - 2011-08-25 20:04 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 14:48 - 2014-05-02 10:15 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-02 10:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-28 22:20 - 2014-04-28 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-28 22:20 - 2014-04-28 22:20 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-04-28 12:12 - 2014-01-20 01:54 - 00000000 ____D () C:\Users\Flo\AppData\Local\Google
2014-04-28 12:12 - 2014-01-20 01:54 - 00000000 ____D () C:\Program Files\Google
2014-04-28 12:07 - 2014-04-28 12:07 - 00613200 _____ (Chip Digital GmbH) C:\Users\Flo\Downloads\LogMeIn Hamachi - CHIP-Downloader.exe
2014-04-28 00:03 - 2014-04-28 00:03 - 00019968 ___SH () C:\Users\Flo\Downloads\Thumbs.db
2014-04-27 23:55 - 2014-04-27 23:55 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-04-27 23:55 - 2014-02-18 20:22 - 00000000 ____D () C:\robin
2014-04-27 23:55 - 2014-02-18 20:15 - 00000000 ____D () C:\Neuer Ordner
2014-04-26 13:53 - 2012-08-27 19:59 - 00000000 ____D () C:\Users\Flo\AppData\Local\ArmA 2 OA
2014-04-20 22:03 - 2014-04-20 22:02 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\AbiSuite
2014-04-18 13:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-16 23:53 - 2014-04-16 22:53 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Teeworlds
2014-04-14 04:11 - 2014-05-06 11:26 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-05-06 11:26 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Files to move or delete:
====================
C:\Users\Flo\APB_Reloaded_Installer.exe
Some content of TEMP:
====================
C:\Users\Flo\AppData\Local\Temp\AskSLib.dll
C:\Users\Flo\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Flo\AppData\Local\Temp\cabex.dll
C:\Users\Flo\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Flo\AppData\Local\Temp\EAInstall.dll
C:\Users\Flo\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\Flo\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\Flo\AppData\Local\Temp\firefoxjre_exe-3.exe
C:\Users\Flo\AppData\Local\Temp\firefoxjre_exe-4.exe
C:\Users\Flo\AppData\Local\Temp\firefoxjre_exe-5.exe
C:\Users\Flo\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Flo\AppData\Local\Temp\FoxySecuritySetup.exe
C:\Users\Flo\AppData\Local\Temp\Gw2.exe
C:\Users\Flo\AppData\Local\Temp\InstallAX.exe
C:\Users\Flo\AppData\Local\Temp\installhelper.dll
C:\Users\Flo\AppData\Local\Temp\install_flash_player_ax.exe
C:\Users\Flo\AppData\Local\Temp\install_reader10_de_mssd_aih.exe
C:\Users\Flo\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\mpsetup.exe
C:\Users\Flo\AppData\Local\Temp\NGM.exe
C:\Users\Flo\AppData\Local\Temp\NGMDll.dll
C:\Users\Flo\AppData\Local\Temp\NGMResource.dll
C:\Users\Flo\AppData\Local\Temp\NGMSetup.exe
C:\Users\Flo\AppData\Local\Temp\nvStInst.exe
C:\Users\Flo\AppData\Local\Temp\prismsetup.exe
C:\Users\Flo\AppData\Local\Temp\SHSetup.exe
C:\Users\Flo\AppData\Local\Temp\SimBundD.exe
C:\Users\Flo\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Flo\AppData\Local\Temp\SponsOne.exe
C:\Users\Flo\AppData\Local\Temp\su-setup.exe
C:\Users\Flo\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Flo\AppData\Local\Temp\unelevate.exe
C:\Users\Flo\AppData\Local\Temp\unicows.dll
C:\Users\Flo\AppData\Local\Temp\uninst.exe
C:\Users\Flo\AppData\Local\Temp\Uninstaller-2036.exe
C:\Users\Flo\AppData\Local\Temp\utt5845.tmp.exe
C:\Users\Flo\AppData\Local\Temp\VARemove.exe
C:\Users\Flo\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Flo\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Flo\AppData\Local\Temp\wpsetup.exe
C:\Users\Flo\AppData\Local\Temp\yta_bu12_setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-10 19:37
==================== End Of Log ============================
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-05-2014
Ran by Flo at 2014-05-11 11:22:21
Running from C:\Users\Flo\downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Altitude (HKLM\...\4578-0181-0549-1546) (Version: - Nimbly Games)
ARMA 2 Operation Arrowhead Uninstall (HKLM\...\ARMA 2 Operation Arrowhead) (Version: - )
ArmA 2 Uninstall (HKLM\...\ArmA 2) (Version: - )
ATI Catalyst Install Manager (HKLM\...\{DD864DB0-6A37-49B6-B23D-3B0270571234}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM\...\BattlEye) (Version: - )
Blue Byte Game Channel (HKLM\...\Blue Byte Game Channel) (Version: - UbiSoft)
Browser Configuration Utility (HKLM\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM\...\{ADF66435-7A7D-445E-8AF7-7904DD6ED1A7}) (Version: 1.09.75 - Dotjosh Studios)
Dev-C++ (HKLM\...\Dev-C++) (Version: 5.4.0 - )
Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo III Beta (HKLM\...\Diablo III Beta) (Version: - Blizzard Entertainment)
Dokan Library 0.6.0 (HKLM\...\DokanLibrary) (Version: - )
Dota 2 (HKLM\...\Steam App 570) (Version: - )
EPU-4 Engine (HKLM\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
ESET NOD32 Antivirus (HKLM\...\{36DCC61E-53B6-41D4-9590-9894BCE17068}) (Version: 4.2.71.2 - ESET, spol. s r.o.)
FileViewPro (HKLM\...\{29938C06-6962-4C27-A94C-25E4F424A665}_is1) (Version: 1.5 - Solvusoft Corporation)
FireJump (HKLM\...\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1) (Version: 1.0.2.5 - FireJump.net)
FoxTab PDF Creator (HKCU\...\FoxTab PDF Creator) (Version: - ) <==== ATTENTION
Foxy Security (HKLM\...\Foxy Security) (Version: - )
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GamersFirst LIVE! (HKLM\...\GamersFirst LIVE!) (Version: - GamersFirst)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IB Updater Service (HKLM\...\WNLT) (Version: 4.0.7.4 - ) <==== ATTENTION
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
League of Legends (HKLM\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.188 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.188 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM\...\LOLReplay) (Version: 0.8.1.4 - www.leaguereplays.com)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft)
Nexon Game Manager (HKLM\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
NVIDIA 3D Vision Controller Driver (Version: 270.61 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version: - )
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Overwolf (HKLM\...\{F1944392-5F0A-495D-94E1-CCB09BD1D650}) (Version: 0.26.157 - Overwolf)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
puush (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Synapse 2.0 (HKLM\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.02 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Roll (HKLM\...\RollerCoaster Tycoon Setup) (Version: - )
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
SiteFinder (HKLM\...\SiteFinder) (Version: 1.0.0.0 - SiteFinder) <==== ATTENTION
Six Updater (HKLM\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7016 - Six Projects)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.1.10441 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony Ericsson PC Companion 1.50.52 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.50.52 - Sony Ericsson)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab Detection (HKLM\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
Tribes Ascend (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1055.0 - Hi-Rez Studios)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.221 - TuneUp Software) Hidden
UltraMon (HKLM\...\{9069EE0A-7615-4D86-AD80-CA263E936DA6}) (Version: 3.2.2 - Realtime Soft Ltd)
Update_DealPly (HKCU\...\DealPly) (Version: - ) <==== ATTENTION
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
==================== Restore Points =========================
02-05-2014 08:14:42 Windows Update
06-05-2014 10:00:16 Windows Update
07-05-2014 12:31:24 Entfernt Nail'd
09-05-2014 12:48:36 Windows Update
10-05-2014 17:01:04 Wiederherstellungsvorgang
10-05-2014 17:15:08 Windows Update
10-05-2014 21:47:21 Installed SpyHunter
11-05-2014 00:08:53 Removed SpyHunter
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1C6A93BA-9B13-4065-BD58-1D4B9DDDCF6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: {373FA0D8-AE6F-43EC-BB06-F002CEE96692} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {3DB22511-A8D0-4354-844E-EA78C9F7AE34} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {819493CC-233C-4593-8831-88C8C45C0906} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {83413AF4-7EC6-48C4-B7C6-4A2D6CEA9B5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: {AEB6D200-828B-4F64-ABF9-53728D6B8172} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D37496D7-2010-4B57-8AC5-C71DF414F68A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {DACBCBE2-E89F-4903-B38A-B75950BEB224} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {E1D855F6-E048-4100-B86F-4E7C6CD64628} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-04-07 22:43 - 2013-01-18 16:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2012-02-14 21:48 - 2007-08-21 14:32 - 00098304 _____ () C:\Windows\System32\redmonnt.dll
2014-05-07 14:02 - 2014-05-07 14:02 - 00374272 _____ () C:\Users\Flo\AppData\Roaming\BupSystem\sub\default.dll
2011-01-10 14:49 - 2011-01-10 14:49 - 00014848 _____ () C:\Program Files\Dokan\DokanLibrary\mounter.exe
2011-08-25 22:33 - 2012-07-25 15:54 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2013-04-17 20:35 - 2013-04-17 20:35 - 00040960 _____ () C:\Users\Flo\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2011-08-25 17:58 - 2009-03-19 22:35 - 00208896 _____ () C:\Program Files\ASUS\EPU-4 Engine\AiNap.dll
2011-08-25 17:58 - 2009-03-19 22:35 - 00008704 _____ () C:\Program Files\ASUS\EPU-4 Engine\vvc.dll
2011-08-25 17:58 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files\ASUS\EPU-4 Engine\pngio.dll
2011-08-25 17:58 - 2009-09-30 05:33 - 00024576 ____R () C:\Windows\system32\AsIo.dll
2011-08-25 17:58 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2009-07-31 21:39 - 2009-07-31 21:39 - 00503202 _____ () C:\Program Files\DeviceVM\Browser Configuration Utility\sqlite3.dll
2013-12-18 11:01 - 2013-12-18 11:01 - 00608056 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2012-01-10 15:41 - 2013-07-14 18:43 - 00567880 _____ () C:\Program Files\puush\puush.exe
2014-05-10 20:15 - 2014-05-10 20:15 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/10/2014 07:39:27 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/10/2014 07:38:28 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/10/2014 07:38:26 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/10/2014 05:36:23 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm mbam.exe, Version 1.0.0.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1788
Startzeit: 01cf6c59e409515b
Endzeit: 262
Anwendungspfad: C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Berichts-ID: cf53b35f-d858-11e3-bbaf-f46d04dbdb34
Error: (05/10/2014 04:09:26 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x534e91e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0906cd94
ID des fehlerhaften Prozesses: 0x150
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (05/08/2014 05:56:20 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x534e91e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0a16cd94
ID des fehlerhaften Prozesses: 0x774
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (05/08/2014 05:56:07 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x534e91e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0a16cd94
ID des fehlerhaften Prozesses: 0x774
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (05/06/2014 11:24:52 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm javaw.exe, Version 7.0.250.17 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1418
Startzeit: 01cf690cec08d721
Endzeit: 15
Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe
Berichts-ID: 419b0adf-d500-11e3-a0ae-f46d04dbdb34
Error: (04/29/2014 04:41:24 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/29/2014 04:40:13 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (05/11/2014 11:17:19 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/11/2014 11:17:19 AM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/11/2014 00:34:26 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/11/2014 00:34:26 AM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/11/2014 00:32:09 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/11/2014 00:32:09 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.
Error: (05/11/2014 00:30:57 AM) (Source: EventLog) (User: ) (EventID: 6008)
Description: Das System wurde zuvor am 11.05.2014 um 00:29:52 unerwartet heruntergefahren.
Error: (05/10/2014 11:37:12 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/10/2014 11:37:12 PM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/10/2014 07:10:44 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Microsoft Office Sessions:
=========================
Error: (05/10/2014 07:39:27 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe
Error: (05/10/2014 07:38:28 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\razer_common_driver\Vista_XP\DPInst_amd64.exe
Error: (05/10/2014 07:38:26 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\razer_common_driver\Drivers\DPInst_amd64.exe
Error: (05/10/2014 05:36:23 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: mbam.exe1.0.0.500178801cf6c59e409515b262C:\Program Files\Malwarebytes Anti-Malware\mbam.execf53b35f-d858-11e3-bbaf-f46d04dbdb34
Error: (05/10/2014 04:09:26 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Explorer.EXE6.1.7601.175674d6727a7bho.dll_unloaded0.0.0.0534e91e7c00000050906cd9415001cf6c2e95f4c820C:\Windows\Explorer.EXEbho.dllb14502ca-d84c-11e3-bbaf-f46d04dbdb34
Error: (05/08/2014 05:56:20 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Explorer.EXE6.1.7601.175674d6727a7bho.dll_unloaded0.0.0.0534e91e7c00000050a16cd9477401cf6aacec3e81f2C:\Windows\Explorer.EXEbho.dll4b96a1ce-d6c9-11e3-b7fa-f46d04dbdb34
Error: (05/08/2014 05:56:07 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Explorer.EXE6.1.7601.175674d6727a7bho.dll_unloaded0.0.0.0534e91e7c00000050a16cd9477401cf6aacec3e81f2C:\Windows\Explorer.EXEbho.dll4380819e-d6c9-11e3-b7fa-f46d04dbdb34
Error: (05/06/2014 11:24:52 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: javaw.exe7.0.250.17141801cf690cec08d72115C:\Program Files\Java\jre7\bin\javaw.exe419b0adf-d500-11e3-a0ae-f46d04dbdb34
Error: (04/29/2014 04:41:24 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe
Error: (04/29/2014 04:40:13 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\razer_common_driver\Vista_XP\DPInst_amd64.exe
==================== Memory info ===========================
Percentage of memory in use: 52%
Total physical RAM: 3326.18 MB
Available physical RAM: 1586.84 MB
Total Pagefile: 6650.65 MB
Available Pagefile: 4664.28 MB
Total Virtual: 2047.88 MB
Available Virtual: 1882.39 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:183.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2FC30ABD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
As I just noticed, I was supposed to save it to the desktop. Does that make any important difference ...