Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Google Chrome öffnet 98uj8.de/s3brsn5ba66mgfzeinrum#noad selbstständig (https://www.trojaner-board.de/157148-google-chrome-oeffnet-98uj8-de-s3brsn5ba66mgfzeinrum-noad-selbststaendig.html)

Atair 01.08.2014 22:54
Google Chrome öffnet 98uj8.de/s3brsn5ba66mgfzeinrum#noad selbstständig
 
Hi,
ich habe ebenfalls heute früh das Problem gehabt, dass Google Chrome selbstständig unzählige Male die Website 98uj8.de/s3brsn5ba66mgfzeinrum#noad geöffnet hat.
Ich habe die Websites sofort geschlossen und den PC heruntergefahren.
Jetzt läuft allerdings wieder alles flüssig und Avira hat auch nichts gefunden.

Habe Schritt 1 und 2 befolgt, aber beim GMER-Scan kommt die Fehlermeldung: Der Prozess kann nicht auf die Datei (Name leider nicht notiert) zugreifen, da sie von einem anderen Prozess verwendet wird.

FRST.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Ich (administrator) on LENNART on 01-08-2014 01:27:29
Running from C:\Users\Ich\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Ich\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-19] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-19] (Atheros Communications)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-09-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-09-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3273225713-507331992-2471449896-1002\...\Run: [Google Update**.d<*>] => "C:\Users\Ich\AppData\Local\Google\Desktop\Install\{686bdd1d-9619-0d4c-b43a-1087e70c34b3}\d'x"Ù"\", &h#\. ùû[\{686bdd1d-9619-0d4c-b43a-1087e70c34b3}\GoogleUpdate.exe" > <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3273225713-507331992-2471449896-1002\...\MountPoints2: {336dd433-9646-11e3-bea9-20689d7f0dc3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3273225713-507331992-2471449896-1002\...\MountPoints2: {4ba0bb07-3219-11e3-be9c-20689d7f0dc3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3273225713-507331992-2471449896-1002\...\MountPoints2: {656771e2-6af3-11e2-be83-20689d7f0dc3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3273225713-507331992-2471449896-1002\...\MountPoints2: {65677232-6af3-11e2-be83-20689d7f0dc3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3273225713-507331992-2471449896-1002\...\MountPoints2: {a5f21f98-136f-11e3-be98-20689d7f0dc3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3273225713-507331992-2471449896-1004\...\RunOnce: [Lenovo.ShowBand] => C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [40360 2012-08-08] (Lenovo)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe ()
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM - DefaultScope {8FA7CCD3-25C1-450F-8704-1F19CF538C29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {8FA7CCD3-25C1-450F-8704-1F19CF538C29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope {8FA7CCD3-25C1-450F-8704-1F19CF538C29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {8FA7CCD3-25C1-450F-8704-1F19CF538C29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {8FA7CCD3-25C1-450F-8704-1F19CF538C29} URL =
SearchScopes: HKCU - {8FA7CCD3-25C1-450F-8704-1F19CF538C29} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FB66AF1F-20F4-429C-9BD9-F0AF4740449F}: [NameServer]139.7.30.125 139.7.30.126

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\eblbwnt8.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-04]
CHR Extension: (Google Drive) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-04]
CHR Extension: (YouTube) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-04]
CHR Extension: (Adblock Plus) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-08]
CHR Extension: (Google-Suche) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-04]
CHR Extension: (Google Mail) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-19] (Qualcomm Atheros Commnucations)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [24064 2012-12-14] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-05-23] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-19] (Atheros) [File not signed]
R2 postgresql-8.4; c:/postgreSQL/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-19] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2013-02-01] (Huawei Technologies Co., Ltd.)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S1 fvwyueix; \??\C:\WINDOWS\system32\drivers\fvwyueix.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 01:27 - 2014-08-01 01:28 - 00020087 _____ () C:\Users\Ich\Downloads\FRST.txt
2014-08-01 01:27 - 2014-08-01 01:27 - 00000000 ____D () C:\FRST
2014-08-01 01:26 - 2014-08-01 01:26 - 02094080 _____ (Farbar) C:\Users\Ich\Downloads\FRST64.exe
2014-08-01 01:24 - 2014-08-01 01:24 - 00000468 _____ () C:\Users\Ich\Downloads\defogger_disable.log
2014-08-01 01:24 - 2014-08-01 01:24 - 00000000 _____ () C:\Users\Ich\defogger_reenable
2014-08-01 01:23 - 2014-08-01 01:23 - 00050477 _____ () C:\Users\Ich\Downloads\Defogger.exe
2014-07-21 23:14 - 2014-07-21 23:14 - 00033792 _____ () C:\Users\Ich\Documents\VeniVidiLudi.xls
2014-07-21 23:12 - 2014-07-21 23:12 - 00034816 _____ () C:\Users\Ich\Documents\VeniVidiLudi MTTs.xls
2014-07-21 23:10 - 2014-07-21 23:10 - 00018799 _____ () C:\Users\Ich\Documents\TOURNEYS (XtremeFly).xlsx
2014-07-21 23:09 - 2014-07-21 23:09 - 00097280 _____ () C:\Users\Ich\Documents\MTT Tournaments played by 'XtremeFly'.xls
2014-07-17 10:49 - 2014-07-17 10:49 - 00244958 _____ () C:\Users\Ich\Downloads\blablub_lichess_games_2014-07-17.csv
2014-07-09 13:32 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 13:32 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 13:32 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 13:32 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 13:32 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-07-09 13:32 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-07-09 13:32 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-07-09 13:32 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 13:32 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-07-09 13:32 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-09 13:32 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-09 13:32 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-09 13:32 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-09 13:32 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-09 13:32 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-09 13:32 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 13:32 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 13:32 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 13:32 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 13:32 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-09 13:31 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 13:31 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 13:31 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-07-09 13:31 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-07-09 13:31 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 13:31 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 13:31 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-09 13:31 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-09 13:31 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-09 13:31 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 13:31 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 13:31 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 13:31 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 13:31 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-09 13:31 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 13:31 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 13:31 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-09 13:31 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-09 13:31 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-09 13:31 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-07-09 13:31 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-07-09 13:31 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 13:31 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 13:31 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-07 04:23 - 2014-07-07 04:23 - 00011648 _____ () C:\Users\Ich\Downloads\nL-eHFFI20140706203158 (2).zip
2014-07-07 04:23 - 2014-07-07 04:23 - 00002200 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-07 04:23 - 2014-07-07 04:23 - 00000000 ____D () C:\Users\Ich\AppData\Local\WinZip
2014-07-07 04:22 - 2014-07-07 04:23 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-07 04:22 - 2014-07-07 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-07 04:22 - 2014-07-07 04:22 - 00000000 ____D () C:\Program Files\WinZip
2014-07-07 04:20 - 2014-07-07 04:21 - 58807808 _____ () C:\Users\Ich\Downloads\wz185gev-64.msi
2014-07-07 04:18 - 2014-07-07 04:18 - 00011648 _____ () C:\Users\Ich\Downloads\nL-eHFFI20140706203158 (1).zip
2014-07-07 04:16 - 2014-07-07 04:16 - 00011648 _____ () C:\Users\Ich\Downloads\nL-eHFFI20140706203158.zip
2014-07-07 04:15 - 2014-07-07 04:15 - 01376768 _____ () C:\Users\Ich\Downloads\7z920-x64.msi
2014-07-06 15:50 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-06 15:50 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-06 15:50 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-06 15:50 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-06 15:50 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-07-06 15:50 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-06 15:50 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-07-06 15:50 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-07-06 15:50 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-06 15:50 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-07-06 15:50 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-07-06 15:50 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-07-06 15:50 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-07-03 18:00 - 2014-07-03 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 01:28 - 2014-08-01 01:27 - 00020087 _____ () C:\Users\Ich\Downloads\FRST.txt
2014-08-01 01:27 - 2014-08-01 01:27 - 00000000 ____D () C:\FRST
2014-08-01 01:26 - 2014-08-01 01:26 - 02094080 _____ (Farbar) C:\Users\Ich\Downloads\FRST64.exe
2014-08-01 01:24 - 2014-08-01 01:24 - 00000468 _____ () C:\Users\Ich\Downloads\defogger_disable.log
2014-08-01 01:24 - 2014-08-01 01:24 - 00000000 _____ () C:\Users\Ich\defogger_reenable
2014-08-01 01:24 - 2013-10-10 18:55 - 00006242 _____ () C:\Users\Ich\ovpntray.log
2014-08-01 01:24 - 2012-12-15 18:30 - 00000000 ____D () C:\Users\Ich
2014-08-01 01:23 - 2014-08-01 01:23 - 00050477 _____ () C:\Users\Ich\Downloads\Defogger.exe
2014-08-01 01:14 - 2012-09-19 07:57 - 01828659 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-01 01:07 - 2012-12-15 18:36 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3273225713-507331992-2471449896-1002
2014-08-01 01:02 - 2012-12-17 20:25 - 00000000 ____D () C:\Users\Ich\AppData\Local\PokerStars.EU
2014-08-01 01:02 - 2012-12-17 20:25 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-08-01 01:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-01 00:53 - 2014-05-04 04:10 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 00:48 - 2013-08-14 23:45 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-01 00:48 - 2012-09-19 17:09 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-01 00:48 - 2012-09-19 17:09 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-01 00:45 - 2013-08-19 20:15 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Skype
2014-08-01 00:44 - 2014-01-12 19:05 - 01342112 _____ () C:\blitzerr.txt
2014-08-01 00:42 - 2013-03-21 19:05 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-01 00:31 - 2014-05-04 04:10 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 00:01 - 2013-01-17 19:32 - 00000000 ____D () C:\Program Files (x86)\TableNinja
2014-08-01 00:00 - 2013-09-10 16:01 - 00000000 ____D () C:\Users\Ich\AppData\Local\PokerStars.FR
2014-07-31 20:16 - 2014-03-03 11:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Equilab
2014-07-31 20:02 - 2013-01-17 18:49 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\HoldemManager
2014-07-29 03:44 - 2013-07-01 21:56 - 00008525 _____ () C:\Users\Ich\Documents\Bilanz.xlsx
2014-07-29 03:15 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-07-24 22:08 - 2013-09-10 16:01 - 00000000 ____D () C:\Program Files (x86)\PokerStars.FR
2014-07-22 00:53 - 2012-12-17 21:44 - 00000000 ____D () C:\Users\Ich\AppData\Local\CrashDumps
2014-07-21 23:14 - 2014-07-21 23:14 - 00033792 _____ () C:\Users\Ich\Documents\VeniVidiLudi.xls
2014-07-21 23:12 - 2014-07-21 23:12 - 00034816 _____ () C:\Users\Ich\Documents\VeniVidiLudi MTTs.xls
2014-07-21 23:10 - 2014-07-21 23:10 - 00018799 _____ () C:\Users\Ich\Documents\TOURNEYS (XtremeFly).xlsx
2014-07-21 23:09 - 2014-07-21 23:09 - 00097280 _____ () C:\Users\Ich\Documents\MTT Tournaments played by 'XtremeFly'.xls
2014-07-18 14:35 - 2014-05-04 04:11 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 10:49 - 2014-07-17 10:49 - 00244958 _____ () C:\Users\Ich\Downloads\blablub_lichess_games_2014-07-17.csv
2014-07-11 20:02 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-11 16:43 - 2013-01-17 19:52 - 00002979 _____ () C:\Users\Ich\Desktop\TableNinja.lnk
2014-07-11 16:43 - 2013-01-17 19:52 - 00002939 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja.lnk
2014-07-11 16:36 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-11 16:35 - 2013-01-12 14:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-11 16:35 - 2012-08-01 17:51 - 00119384 _____ () C:\WINDOWS\PFRO.log
2014-07-11 05:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-11 05:37 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 05:37 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 05:37 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-11 05:37 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 05:36 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-11 03:07 - 2013-08-16 18:33 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-11 03:04 - 2012-12-17 16:00 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-11 03:04 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-10 12:57 - 2013-05-09 17:23 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-07-09 14:28 - 2012-12-17 20:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-08 19:42 - 2013-03-21 19:05 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-07 14:52 - 2013-05-05 15:13 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker.Eu
2014-07-07 04:23 - 2014-07-07 04:23 - 00011648 _____ () C:\Users\Ich\Downloads\nL-eHFFI20140706203158 (2).zip
2014-07-07 04:23 - 2014-07-07 04:23 - 00002200 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-07 04:23 - 2014-07-07 04:23 - 00000000 ____D () C:\Users\Ich\AppData\Local\WinZip
2014-07-07 04:23 - 2014-07-07 04:22 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-07 04:23 - 2014-07-07 04:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-07 04:22 - 2014-07-07 04:22 - 00000000 ____D () C:\Program Files\WinZip
2014-07-07 04:21 - 2014-07-07 04:20 - 58807808 _____ () C:\Users\Ich\Downloads\wz185gev-64.msi
2014-07-07 04:18 - 2014-07-07 04:18 - 00011648 _____ () C:\Users\Ich\Downloads\nL-eHFFI20140706203158 (1).zip
2014-07-07 04:16 - 2014-07-07 04:16 - 00011648 _____ () C:\Users\Ich\Downloads\nL-eHFFI20140706203158.zip
2014-07-07 04:15 - 2014-07-07 04:15 - 01376768 _____ () C:\Users\Ich\Downloads\7z920-x64.msi
2014-07-03 18:02 - 2014-05-23 17:02 - 00000000 ____D () C:\ProgramData\Origin
2014-07-03 18:02 - 2013-10-10 19:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\SupportAppXL
2014-07-03 18:01 - 2012-09-19 07:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-03 18:00 - 2014-07-03 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
ZeroAccess:
C:\Users\Ich\AppData\Local\Google\Desktop\Install

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3273225713-507331992-2471449896-1002\$686bdd1d96190d4cb43a1087e70c34b3

Some content of TEMP:
====================
C:\Users\Ich\AppData\Local\Temp\2dsve2wefd.exe
C:\Users\Ich\AppData\Local\Temp\AskSLib.dll
C:\Users\Ich\AppData\Local\Temp\avgnt.exe
C:\Users\Ich\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Ich\AppData\Local\Temp\ose00000.exe
C:\Users\Ich\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-13 04:24

==================== End Of Log ============================

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by Ich at 2014-08-01 01:29:02
Running from C:\Users\Ich\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
CardRunnersEV (HKLM-x32\...\{9AF58701-B88C-4106-BCCB-816AE6855486}) (Version: 1.7.6 - CardRunners)
ChessBase 10 (x32 Version: 10 - ChessBase) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.44.50 - Conexant)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.59.8.WIN.FullTilt.EU - )
Gala Casino Poker (HKCU\...\Gala Casino Poker) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources)
Houdini 3 Dynamic (HKLM-x32\...\{12531DC6-1D44-4C85-A44C-648910000C89}) (Version: 13.29.0.0 - ChessBase)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.3.3 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1E939186-B443-4262-A278-3C82949EA7AC}) (Version: 1.1.009.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.35 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Poker 770 (HKCU\...\Poker 770) (Version:  - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version:  - PokerStars.fr)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PrivateTunnel (HKLM-x32\...\{1880714F-98B5-4DD1-9A33-98863B4E009B}) (Version: 2.0.0.0 - OpenVPN Technologies)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Rybka 3 (x32 Version: 3.0 - ChessBase) Hidden
SeaWorld Adventure Parks Tycoon 3D (HKLM-x32\...\{7A1F1E81-A017-43EE-8A24-E88878164C91}) (Version:  - )
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
TableNinja (HKLM-x32\...\{240AED60-1548-49C6-AB90-C069C1807A57}) (Version: 1.2.164 - ALXSoftware)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Winamax Poker (HKLM-x32\...\wameu.04351C371E530C3762CBA45FA283ED972DCDEFB6.1) (Version: 2.17.2.1403877577 - Winamax)
Winamax Poker (x32 Version: 2.17.2 - Winamax) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

22-06-2014 16:59:30 Installed TableNinja
30-06-2014 19:10:45 Geplanter Prüfpunkt
03-07-2014 16:01:35 Removed dtac aircard
07-07-2014 02:16:59 Installed 7-Zip 9.20 (x64 edition)
10-07-2014 12:52:12 Windows Update
11-07-2014 14:41:21 Installed TableNinja

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02A21721-0E52-4906-A149-3A37A3D2CF92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-04] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1F1401EE-6BAE-45F7-B415-8F3A70AEE0A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-04] (Google Inc.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {34A933EF-CA0D-494C-AC8E-4F8D20F6CAC5} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] ()
Task: {383B632B-8A12-48A7-8F14-85D720FE208F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {60E9D1EC-5071-41EE-8E15-5F1820D0A3B8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-08-08] (Lenovo)
Task: {634C2700-E00D-4321-A901-90857246A48F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {64A1C486-909A-41D5-B007-C0D596B9DD69} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-11] (Microsoft Corporation)
Task: {69B6082B-40FF-4A3D-881D-7FD7C10D8B5B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A7898C06-FE0E-45B5-AD4A-306FE39EF493} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] ()
Task: {B66E84CA-059C-4478-A886-93BBF410F4FA} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2012-08-08] ()
Task: {C2FED181-7F23-416C-8B34-9046434674A1} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\WINDOWS\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-12-14 05:33 - 2012-12-14 05:33 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe
2014-05-23 18:31 - 2014-05-23 18:31 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-08-14 10:56 - 2012-08-03 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-19 21:55 - 2012-08-19 21:55 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-19 21:50 - 2012-08-19 21:50 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-12-14 05:33 - 2012-12-14 05:33 - 00068096 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe
2014-08-01 01:23 - 2014-08-01 01:23 - 00050477 _____ () C:\Users\Ich\Downloads\Defogger.exe
2012-02-07 10:11 - 2012-02-07 10:11 - 00027648 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\servicemanager.pyd
2012-02-07 10:09 - 2012-02-07 10:09 - 00110080 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pywintypes26.dll
2012-02-07 10:11 - 2012-02-07 10:11 - 00042496 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32service.pyd
2012-02-07 10:11 - 2012-02-07 10:11 - 00098816 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32api.pyd
2010-08-24 17:48 - 2010-08-24 17:48 - 00153088 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pyexpat.pyd
2010-08-24 17:47 - 2010-08-24 17:47 - 00040448 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_socket.pyd
2010-08-24 17:48 - 2010-08-24 17:48 - 00720896 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_ssl.pyd
2012-09-27 20:46 - 2012-09-27 20:46 - 00019968 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\zope.interface._zope_interface_coptimizations.pyd
2010-08-24 17:48 - 2010-08-24 17:48 - 00286208 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_hashlib.pyd
2010-08-24 17:48 - 2010-08-24 17:48 - 00073728 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_ctypes.pyd
2010-08-24 17:48 - 2010-08-24 17:48 - 00011776 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\select.pyd
2012-09-27 20:47 - 2012-09-27 20:47 - 00010240 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\OpenSSL.rand.pyd
2012-09-27 20:47 - 2012-09-27 20:47 - 00061440 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\OpenSSL.crypto.pyd
2012-09-27 20:47 - 2012-09-27 20:47 - 00039424 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\OpenSSL.SSL.pyd
2012-02-07 10:10 - 2012-02-07 10:10 - 00035840 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32process.pyd
2012-09-27 20:46 - 2012-09-27 20:46 - 00007680 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\twisted.protocols._c_urlarg.pyd
2012-09-27 20:47 - 2012-09-27 20:47 - 00006656 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pyovpnc.pyd
2012-02-07 10:13 - 2012-02-07 10:13 - 00358912 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pythoncom26.dll
2012-02-07 10:16 - 2012-02-07 10:16 - 00266240 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32com.shell.shell.pyd
2012-02-07 10:10 - 2012-02-07 10:10 - 00111616 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32file.pyd
2012-02-07 10:10 - 2012-02-07 10:10 - 00108544 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32security.pyd
2012-02-07 10:10 - 2012-02-07 10:10 - 00018432 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32event.pyd
2012-02-07 10:10 - 2012-02-07 10:10 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32pipe.pyd
2012-02-07 10:11 - 2012-02-07 10:11 - 00022528 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32ts.pyd
2013-01-17 18:30 - 2011-01-28 07:15 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2013-01-17 18:30 - 2009-02-12 21:01 - 00976384 _____ () c:\postgreSQL\bin\libxml2.dll
2013-01-17 18:30 - 2005-07-20 12:48 - 00059904 _____ () c:\postgreSQL\bin\zlib1.dll
2012-09-19 07:21 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-07-18 14:35 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-18 14:35 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-18 14:35 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-18 14:35 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-18 14:35 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2012-02-07 09:10 - 2012-02-07 09:10 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32pdh.pyd
2012-02-07 10:11 - 2012-02-07 10:11 - 00167424 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32gui.pyd
2012-07-15 10:48 - 2012-07-15 10:48 - 00005632 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2014 00:46:07 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (08/01/2014 00:45:32 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (08/01/2014 00:44:22 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:44:22 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:44:22 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);

Error: (08/01/2014 00:44:17 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:44:17 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:44:17 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);

Error: (08/01/2014 00:43:02 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:43:02 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:43:02 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);

Error: (08/01/2014 00:41:27 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:41:27 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:41:27 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);

Error: (08/01/2014 00:40:32 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:40:32 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:40:32 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);

Error: (08/01/2014 00:39:52 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:39:52 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:39:52 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);

Error: (08/01/2014 00:38:52 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:38:52 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:38:52 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);

Error: (08/01/2014 00:37:52 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-08-01 00:37:52 CESTERROR:  prepared statement "insertplayer" already exists
2014-08-01 00:37:52 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id;
       
        PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
        integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer,integer,integer,integer,
        integer,integer)
        as
        Update CompiledPlayerResults set totalhands = totalhands + $6
        , TotalAmountWonincents = TotalAmountWonincents + $7
        , TotalRakeincents = TotalRakeincents + $8
        , TotalBBsWon = TotalBBsWon + $9
        , VPIPHands = VPIPHands + $10
        , PFRHands = PFRHands + $11
        , CouldColdCall = CouldColdCall + $12
        , DidColdCall = DidColdCall + $13
        , CouldThreeBet = CouldThreeBet + $14
        , DidThreeBet = DidThreeBet + $15
        , CouldSqueeze = CouldSqueeze + $16
        , DidSqueeze = DidSqueeze + $17
        , FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
        , CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
        , RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
        , SmallBlindStealAttempted = SmallBlindStealAttempted + $21
        , SmallBlindStealDefended = SmallBlindStealDefended + $22
        , SmallBlindStealReraised = SmallBlindStealReraised + $23
        , BigBlindStealAttempted = BigBlindStealAttempted + $24
        , BigBlindStealDefended = BigBlindStealDefended + $25
        , BigBlindStealReraised = BigBlindStealReraised + $26
        , SawNonSmallShowdown = SawNonSmallShowdown + $27
        , WonNonSmallShowdown = WonNonSmallShowdown + $28
        , SawLargeShowdown = SawLargeShowdown + $29
        , WonLargeShowdown = WonLargeShowdown + $30
        , SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
        , WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
        , SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
        , WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
        , WonHand = WonHand + $35
        , WonHandWhenSawFlop = WonHandWhenSawFlop + $36
        , WonHandWhenSawTurn = WonHandWhenSawTurn + $37
        , WonHandWhenSawRiver = WonHandWhenSawRiver + $38
        , FacedThreeBetPreflop = FacedThreeBetPreflop + $39
        , FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
        , CalledThreeBetPreflop = CalledThreeBetPreflop + $41
        , RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
        , FacedFourBetPreflop = FacedFourBetPreflop + $43
        , FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
        , CalledFourBetPreflop = CalledFourBetPreflop + $45
        , RaisedFourBetPreflop = RaisedFourBetPreflop + $46
        , TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
        , TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
        , TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
        , RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
        , RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
        , RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
        , SawFlop = SawFlop + $53
        , SawShowdown = SawShowdown + $54
        , WonShowdown = WonShowdown + $55
        , TotalBets = TotalBets + $56
        , TotalCalls = TotalCalls + $57
        , FlopContinuationBetPossible = FlopContinuationBetPossible + $58
        , FlopContinuationBetMade = FlopContinuationBetMade + $59
        , TurnContinuationBetPossible = TurnContinuationBetPossible + $60
        , TurnContinuationBetMade = TurnContinuationBetMade + $61
        , RiverContinuationBetPossible = RiverContinuationBetPossible + $62
        , RiverContinuationBetMade = RiverContinuationBetMade + $63
        , FacingFlopContinuationBet = FacingFlopContinuationBet + $64
        , FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
        , CalledFlopContinuationBet = CalledFlopContinuationBet + $66
        , RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
        , FacingTurnContinuationBet = FacingTurnContinuationBet + $68
        , FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
        , CalledTurnContinuationBet = CalledTurnContinuationBet + $70
        , RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
        , FacingRiverContinuationBet = FacingRiverContinuationBet + $72
        , FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
        , CalledRiverContinuationBet = CalledRiverContinuationBet + $74
        , RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
        , TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
        , totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
        where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
        and playedyearandmonth = $2
        and numberofplayers = $3
        and gametype_id = $4
        and bbgroup_id = $5 limit 1);


System errors:
=============
Error: (07/18/2014 06:03:38 PM) (Source: DCOM) (EventID: 10010) (User: Lennart)
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (07/12/2014 10:59:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Conexant Audio Message Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2014 02:53:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software für Windows 8, 8.1 und Windows Server 2012, 2012 R2 x64 Edition - Juli 2014 (KB890830)

Error: (06/30/2014 04:30:27 AM) (Source: DCOM) (EventID: 10010) (User: Lennart)
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (06/16/2014 04:49:14 AM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows8_OS" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x400000002c993. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (06/13/2014 11:35:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Conexant Audio Message Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2014 00:21:42 AM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows8_OS" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x400000002c993. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (06/13/2014 00:21:21 AM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows8_OS" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x3000000032bcf. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (05/23/2014 08:29:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Conexant Audio Message Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/20/2014 01:27:07 AM) (Source: DCOM) (EventID: 10010) (User: Lennart)
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8057.77 MB
Available physical RAM: 5736.34 MB
Total Pagefile: 12678.79 MB
Available Pagefile: 9200.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:351.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: ABFF4748)

Partition: GPT Partition Type.

==================== End Of Log ============================
Gmer:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-01 23:42:05
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003f ST500LT012-9WS142 rev.0001LVM1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Ich\AppData\Local\Temp\kfloapog.sys


---- Kernel code sections - GMER 2.1 ----

.text  C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                  fffff960001c4c00 7 bytes [00, 12, 81, 01, 00, 1B, F2]
.text  C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 8                                                                              fffff960001c4c08 7 bytes [01, 18, C0, FF, 00, D7, DA]

---- User code sections - GMER 2.1 ----

.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1116] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1116] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1116] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246              000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\WINDOWS\system32\nvvsvc.exe[1132] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690                                          000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\WINDOWS\system32\nvvsvc.exe[1132] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698                                          000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\WINDOWS\system32\nvvsvc.exe[1132] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246                                        000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\WINDOWS\system32\nvvsvc.exe[1132] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                000007fd597c177a 4 bytes [7C, 59, FD, 07]
.text  C:\WINDOWS\system32\nvvsvc.exe[1132] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                000007fd597c1782 4 bytes [7C, 59, FD, 07]
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3580] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                  000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3580] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                  000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3580] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\Windows\System32\igfxpers.exe[3920] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                              000007fd597c177a 4 bytes [7C, 59, FD, 07]
.text  C:\Windows\System32\igfxpers.exe[3920] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                              000007fd597c1782 4 bytes [7C, 59, FD, 07]
.text  C:\Program Files\Elantech\ETDCtrl.exe[3988] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                                    000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\Elantech\ETDCtrl.exe[3988] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                                    000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\Elantech\ETDCtrl.exe[3988] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                  000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4004] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                        000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4004] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                        000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4004] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                      000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4084] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                      000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4084] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                      000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4084] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                    000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4084] C:\WINDOWS\SYSTEM32\WSOCK32.dll!recvfrom + 742                          000007fd478e1b32 4 bytes [8E, 47, FD, 07]
.text  C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4084] C:\WINDOWS\SYSTEM32\WSOCK32.dll!recvfrom + 750                          000007fd478e1b3a 4 bytes [8E, 47, FD, 07]
.text  C:\Program Files\Elantech\ETDCtrlHelper.exe[3196] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                              000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\Elantech\ETDCtrlHelper.exe[3196] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                              000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\Elantech\ETDCtrlHelper.exe[3196] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                            000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[3276] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690    000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[3276] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698    000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[3276] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246  000007fd5623165a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\Elantech\ETDIntelligent.exe[3372] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                            000007fd56231532 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\Elantech\ETDIntelligent.exe[3372] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                            000007fd5623153a 4 bytes [23, 56, FD, 07]
.text  C:\Program Files\Elantech\ETDIntelligent.exe[3372] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                          000007fd5623165a 4 bytes [23, 56, FD, 07]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [612:3052]                                                                                          fffff960009cd5e8
Thread  C:\WINDOWS\system32\csrss.exe [612:504]                                                                                          fffff960009cd5e8
Thread  C:\WINDOWS\system32\csrss.exe [612:4580]                                                                                          fffff960009cd5e8
Thread  C:\WINDOWS\system32\csrss.exe [612:4584]                                                                                          fffff960009cd5e8
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [316:468]                                                                                          00000000009b6d0b
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [316:776]                                                                                          000000007000ec50
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [316:796]                                                                                          000000007000dc50
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [316:2660]                                                                                          000000007000e680
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [316:2656]                                                                                          00000000709297fe

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                            unknown MBR code

---- EOF - GMER 2.1 ----

Vielen vielen Danke für die Hilfe!

Bootsektor 02.08.2014 00:22
:hallo:

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Du hast da noch einen ZeroAccess auf dem Rechner, da müssen wir erst ran.
Wann lief auf dem Rechner Combofix?
Schritt 1
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.



Schritt 2
Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.




Schritt 3
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Alle Zeitangaben in WEZ +1. Es ist jetzt 02:55 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131